McSinyx
/
pip
mirror of https://github.com/pypa/pip
1
1
Fork 0
Code Issues Releases Activity

Update security policy (#12254) 

Provide a link to the CNA/PSRT disclosure process.
This commit is contained in:
Seth Michael Larson 2023-09-05 17:31:55 -05:00 committed by GitHub
parent 6328294d1f
commit 7c5b2f2ca9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
SECURITY.md
View File

@ -1,3 +1,10 @@
# Security and Vulnerability Reporting
# Security Policy
If you find any security issues, please report to [security@python.org](mailto:security@python.org)
## Reporting a Vulnerability
Please read the guidelines on reporting security issues [on the
official website](https://www.python.org/dev/security/) for
instructions on how to report a security-related problem to
the Python Security Response Team responsibly.
To reach the response team, email `security at python dot org`.

1
news/12254.process.rst Normal file
View File

@ -0,0 +1 @@
Added reference to `vulnerability reporting guidelines <https://www.python.org/dev/security/>`_ to pip's security policy.