Add Security Policy

[gabibguti]

Adding a Security Policy is important to provide guidance on how users can report potential vulnerabilities and communicate when vulnerabilities will be confirmed, fixed and disclosed to the public.

This is considered a good-practice and recommended by Github and Scorecard.

If you agree, I can open a PR to suggest a Security Policy! We can then work together to communicate how the repo can best handle vulnerability reports.

Additional Context

Hi! I'm Gabriela and I work on behalf of Google and the OpenSSF suggesting supply-chain security changes :)

[edschofield]

Hi Gabriela, Yes, good idea. Feel free to open a PR about this.

…

On Sat, Jun 3, 2023 at 5:31 AM Gabriela Gutierrez ***@***.***> wrote: Adding a Security Policy is important to provide guidance on how users can report potential vulnerabilities and communicate when vulnerabilities will be confirmed, fixed and disclosed to the public. This is considered a good-practice and recommended by Github <https://docs.github.com/en/code-security/getting-started/securing-your-repository#setting-a-security-policy> and Scorecard <https://github.com/ossf/scorecard>. If you agree, I can open a PR to suggest a Security Policy! We can then work together to communicate how the repo can best handle vulnerability reports. Additional Context Hi! I'm Gabriela and I work on behalf of Google and the OpenSSF suggesting supply-chain security changes :) — Reply to this email directly, view it on GitHub <#620>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAATD2UKHNPX5AMUJTOVR5DXJI5QPANCNFSM6AAAAAAYYWWFJI> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

-- Dr. Edward Schofield Python Charmers +61 (0)405 676 229 http://pythoncharmers.com

[barb9878]

I dont kno if i did this right are not i was just trying to see my emails go to the right inbox thanks😄