mirror of
https://github.com/kjanat/articulate-parser.git
synced 2026-01-16 11:42:09 +01:00
chore: Enhance developer tooling and documentation
Adds `actionlint` to the pre-commit configuration to validate GitHub Actions workflows. Significantly expands the `AGENTS.md` file with a comprehensive summary of new features and changes in Go 1.24 and 1.25, along with actionable recommendations for the project. Additionally, normalizes markdown list formatting across various documentation files for consistency.
This commit is contained in:
32
.github/SECURITY.md
vendored
32
.github/SECURITY.md
vendored
@ -13,32 +13,32 @@ Currently, the following versions of Articulate Rise Parser are supported with s
|
||||
|
||||
We take the security of Articulate Rise Parser seriously. If you believe you have found a security vulnerability, please follow these steps:
|
||||
|
||||
1. **Do not disclose the vulnerability publicly** - Please do not create a public GitHub issue for security vulnerabilities.
|
||||
2. **Email the details to [security+articulate-parser@kjanat.com]** - Include as much information as possible about the vulnerability.
|
||||
3. **Wait for a response** - We will acknowledge your email within 48 hours and provide an estimated timeline for a fix.
|
||||
4. **Work with us** - We may ask for additional information to help us understand and address the issue.
|
||||
1. **Do not disclose the vulnerability publicly** - Please do not create a public GitHub issue for security vulnerabilities.
|
||||
2. **Email the details to [security+articulate-parser@kjanat.com]** - Include as much information as possible about the vulnerability.
|
||||
3. **Wait for a response** - We will acknowledge your email within 48 hours and provide an estimated timeline for a fix.
|
||||
4. **Work with us** - We may ask for additional information to help us understand and address the issue.
|
||||
|
||||
## What to Include in a Report
|
||||
|
||||
When reporting a vulnerability, please include:
|
||||
|
||||
- A clear description of the issue
|
||||
- Steps to reproduce the vulnerability
|
||||
- The potential impact of the vulnerability
|
||||
- Any possible mitigations you've identified
|
||||
- A clear description of the issue
|
||||
- Steps to reproduce the vulnerability
|
||||
- The potential impact of the vulnerability
|
||||
- Any possible mitigations you've identified
|
||||
|
||||
## What to Expect
|
||||
|
||||
- We will acknowledge receipt of your vulnerability report within 48 hours.
|
||||
- We will provide regular updates about our progress.
|
||||
- We will notify you when the vulnerability is fixed.
|
||||
- With your permission, we will include your name in the acknowledgments.
|
||||
- We will acknowledge receipt of your vulnerability report within 48 hours.
|
||||
- We will provide regular updates about our progress.
|
||||
- We will notify you when the vulnerability is fixed.
|
||||
- With your permission, we will include your name in the acknowledgments.
|
||||
|
||||
## Security Measures
|
||||
|
||||
This project follows these security practices:
|
||||
|
||||
- Regular dependency updates via Dependabot
|
||||
- CodeQL security scanning
|
||||
- Automated testing for each pull request
|
||||
- Code review requirements for all changes
|
||||
- Regular dependency updates via Dependabot
|
||||
- CodeQL security scanning
|
||||
- Automated testing for each pull request
|
||||
- Code review requirements for all changes
|
||||
|
||||
Reference in New Issue
Block a user