Skip to content

Add SECURITY.md, referencing GitPython's#117

Merged
Byron merged 1 commit intogitpython-developers:masterfrom
EliahKagan:security
Jan 5, 2025
Merged

Add SECURITY.md, referencing GitPython's#117
Byron merged 1 commit intogitpython-developers:masterfrom
EliahKagan:security

Conversation

@EliahKagan
Copy link
Member

@EliahKagan EliahKagan commented Jan 5, 2025

Along with gitpython-developers/smmap#59 and a forthcoming related PR in GitPython, this will fix #116.

@EliahKagan
Add SECURITY.md, referencing GitPython's
2620952 
Along with gitpython-developers/smmap#59
and a forthcoming related PR in GitPython, this will fix gitpython-developers#116.
EliahKagan added a commit to EliahKagan/GitPython that referenced this pull request Jan 5, 2025
@EliahKagan
Affirm that gitdb and smmap advisories can also be crated
770e4b8 
This expands `SECURITY.md` to affirm the claims in the new
`SECURITY.md` files in gitdb and smmap that vulnerabilities found
in them can be reported in the GitPython repository with the same
link as one would use to report a GitPython vulnerability, as well
as to note how the distinction between affected package can be
specified when it is known at the time a vulnerability is reported.

Along with gitpython-developers/smmap#59
and gitpython-developers/gitdb#117, this
fixes gitpython-developers/gitdb#116.
@EliahKagan EliahKagan mentioned this pull request Jan 5, 2025
Merged
EliahKagan added a commit to EliahKagan/GitPython that referenced this pull request Jan 5, 2025
@EliahKagan
Affirm that gitdb and smmap advisories can also be created
0459b9a 
This expands `SECURITY.md` to affirm the claims in the new
`SECURITY.md` files in gitdb and smmap that vulnerabilities found
in them can be reported in the GitPython repository with the same
link as one would use to report a GitPython vulnerability, as well
as to note how the distinction between affected package can be
specified when it is known at the time a vulnerability is reported.

Along with gitpython-developers/smmap#59
and gitpython-developers/gitdb#117, this
fixes gitpython-developers/gitdb#116.
EliahKagan added a commit to EliahKagan/GitPython that referenced this pull request Jan 5, 2025
@EliahKagan
Affirm that gitdb and smmap advisories can also be created
b20de09 
This expands `SECURITY.md` to affirm the claims in the new
`SECURITY.md` files in gitdb and smmap that vulnerabilities found
in them can be reported in the GitPython repository with the same
link as one would use to report a GitPython vulnerability, as well
as to note how the distinction between affected package can be
specified when it is known at the time a vulnerability is reported.

Along with gitpython-developers/smmap#59
and gitpython-developers/gitdb#117, this
fixes gitpython-developers/gitdb#116.
Byron
Byron approved these changes Jan 5, 2025
View reviewed changes
Copy link
Member

@Byron Byron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, thank you!

@Byron Byron merged commit 6fdd19c into gitpython-developers:master Jan 5, 2025
7 checks passed
@EliahKagan EliahKagan deleted the security branch January 5, 2025 16:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Byron Byron Byron approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unclear what security policy would apply to gitdb and smmap vulnerabilities

2 participants

@EliahKagan @Byron