From 9182f8011b78ae53a0a5d5b9089f4bf169186748 Mon Sep 17 00:00:00 2001 From: Tony Brix Date: Thu, 23 May 2019 15:16:59 -0500 Subject: [PATCH] Add security policy --- SECURITY.md | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..180dfe7284 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,10 @@ +# Security Policy + +The only completely secure system is the one that doesn't exist in the first place. +Having said that, we take the security of Marked very seriously. + +## Reporting a Vulnerability + +Please disclose potential security issues by email to the project committers as well as the listed owners within NPM. +We will provide an initial assessment of security reports within 48 hours and should apply patches within 2 weeks +(also, feel free to contribute a fix for the issue).