xz/.github at 36b531022f24a2ab57a2dfb9e5052f1c176e9d9a - xz

History

Lasse Collin fe9e66993f Docs: Remove .github/SECURITY.md One of the reasons to have this file in the xz repository was to show vulnerability reporting info in the Security section on GitHub. On 2024-11-25, I added SECURITY.md to the tukaani-project organization on GitHub: https://github.com/tukaani-project/.github/blob/main/SECURITY.md GitHub shows that file in all projects in the organization unless overridden by a project-specific SECURITY.md. Thus, removing the file from the xz repo makes GitHub show the organization-wide text instead. Maintaining a single copy for the whole GitHub organization makes things simpler. It's also nicer to have fewer GitHub-specific files in the xz repo. Information how to report bugs (including security issues) is available in README and on the home page too. The OpenSSF Scorecard tool didn't find .github/SECURITY.md from the xz repository. There was a suggestion to move the file to the top-level directory where Scorecard should find it. However, Scorecard does find the organization-wide SECURITY.md. Thus, the file isn't needed in the xz repository to score points in the Scorecard game: https://scorecard.dev/viewer/?uri=github.com/tukaani-project/xz Closes: https://github.com/tukaani-project/xz/issues/148 Closes: https://github.com/tukaani-project/xz/pull/149	2024-11-30 12:05:59 +02:00
..
workflows	CI: update FreeBSD, NetBSD, OpenBSD, Solaris actions	2024-10-02 10:10:54 +03:00

Lasse Collin fe9e66993f Docs: Remove .github/SECURITY.md

One of the reasons to have this file in the xz repository was to
show vulnerability reporting info in the Security section on GitHub.
On 2024-11-25, I added SECURITY.md to the tukaani-project organization
on GitHub:

    https://github.com/tukaani-project/.github/blob/main/SECURITY.md

GitHub shows that file in all projects in the organization unless
overridden by a project-specific SECURITY.md. Thus, removing
the file from the xz repo makes GitHub show the organization-wide
text instead.

Maintaining a single copy for the whole GitHub organization makes
things simpler. It's also nicer to have fewer GitHub-specific files
in the xz repo. Information how to report bugs (including security
issues) is available in README and on the home page too.

The OpenSSF Scorecard tool didn't find .github/SECURITY.md from the
xz repository. There was a suggestion to move the file to the top-level
directory where Scorecard should find it. However, Scorecard does find
the organization-wide SECURITY.md. Thus, the file isn't needed in the
xz repository to score points in the Scorecard game:

    https://scorecard.dev/viewer/?uri=github.com/tukaani-project/xz

Closes: https://github.com/tukaani-project/xz/issues/148
Closes: https://github.com/tukaani-project/xz/pull/149

2024-11-30 12:05:59 +02:00

workflows

CI: update FreeBSD, NetBSD, OpenBSD, Solaris actions

2024-10-02 10:10:54 +03:00