mirror of
https://github.com/kjanat/articulate-parser.git
synced 2026-01-16 09:42:09 +01:00
fix: restore pre-commit, CGO_ENABLED, gohtml template
- Add CGO_ENABLED=1 to CI test step for race detection
- Fix docker job needs (remove dependency-review, only runs on PRs)
- Restore .pre-commit-config.yaml for local dev safety
- Rename html_template.html to .gohtml (conventional extension)
- Add GitHub URL and default branch info to AGENTS.md
- Add .dprint.jsonc config
- Various formatting normalization
32
.github/SECURITY.md
vendored
@ -13,32 +13,32 @@ Currently, the following versions of Articulate Rise Parser are supported with s
|
||||
|
||||
We take the security of Articulate Rise Parser seriously. If you believe you have found a security vulnerability, please follow these steps:
|
||||
|
||||
1. **Do not disclose the vulnerability publicly** - Please do not create a public GitHub issue for security vulnerabilities.
|
||||
2. **Email the details to [security+articulate-parser@kjanat.com]** - Include as much information as possible about the vulnerability.
|
||||
3. **Wait for a response** - We will acknowledge your email within 48 hours and provide an estimated timeline for a fix.
|
||||
4. **Work with us** - We may ask for additional information to help us understand and address the issue.
|
||||
1. **Do not disclose the vulnerability publicly** - Please do not create a public GitHub issue for security vulnerabilities.
|
||||
2. **Email the details to [security+articulate-parser@kjanat.com]** - Include as much information as possible about the vulnerability.
|
||||
3. **Wait for a response** - We will acknowledge your email within 48 hours and provide an estimated timeline for a fix.
|
||||
4. **Work with us** - We may ask for additional information to help us understand and address the issue.
|
||||
|
||||
## What to Include in a Report
|
||||
|
||||
When reporting a vulnerability, please include:
|
||||
|
||||
- A clear description of the issue
|
||||
- Steps to reproduce the vulnerability
|
||||
- The potential impact of the vulnerability
|
||||
- Any possible mitigations you've identified
|
||||
- A clear description of the issue
|
||||
- Steps to reproduce the vulnerability
|
||||
- The potential impact of the vulnerability
|
||||
- Any possible mitigations you've identified
|
||||
|
||||
## What to Expect
|
||||
|
||||
- We will acknowledge receipt of your vulnerability report within 48 hours.
|
||||
- We will provide regular updates about our progress.
|
||||
- We will notify you when the vulnerability is fixed.
|
||||
- With your permission, we will include your name in the acknowledgments.
|
||||
- We will acknowledge receipt of your vulnerability report within 48 hours.
|
||||
- We will provide regular updates about our progress.
|
||||
- We will notify you when the vulnerability is fixed.
|
||||
- With your permission, we will include your name in the acknowledgments.
|
||||
|
||||
## Security Measures
|
||||
|
||||
This project follows these security practices:
|
||||
|
||||
- Regular dependency updates via Dependabot
|
||||
- CodeQL security scanning
|
||||
- Automated testing for each pull request
|
||||
- Code review requirements for all changes
|
||||
- Regular dependency updates via Dependabot
|
||||
- CodeQL security scanning
|
||||
- Automated testing for each pull request
|
||||
- Code review requirements for all changes
|
||||
|
||||
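Review bot: In step 2 of the reporting list the address is written as `[security+articulate-parser@kjanat.com]` with no link target, so unless a reference definition exists outside this hunk, Markdown renders the brackets literally instead of a clickable mailto link. Since these lines are being rewritten anyway, use `<security+articulate-parser@kjanat.com>` or `[security+articulate-parser@kjanat.com](mailto:security+articulate-parser@kjanat.com)`. Separately, as rendered here every removed line reads identically to its added counterpart, so the 32-line change to this file looks like formatting only. Consider landing that normalization in its own commit rather than under a `fix:` subject next to the CI changes, so the history of the disclosure policy stays easy to audit.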