ash/.github/security.md

# Security Policy

[![OpenSSF Vulnerability Disclosure](https://img.shields.io/badge/OpenSSF-Vulnerability_Disclosure-green)](https://github.com/ossf/oss-vulnerability-guide/blob/main/finder-guide.md)
[![GitHub Report](https://img.shields.io/badge/GitHub-Security_Advisories-blue)](https://github.com/ash-project/ash/security/advisories/new)
[![Email Report](https://img.shields.io/badge/Email-security%40ash-hq.org-blue)](mailto:security@ash-hq.org)

This repository follows the [OpenSSF Vulnerability Disclosure guide](https://github.com/ossf/oss-vulnerability-guide/tree/main). You can learn more about it in the [Finders Guide](https://github.com/ossf/oss-vulnerability-guide/blob/main/finder-guide.md).

Please report vulnerabilities via the [GitHub Security Vulnerability Reporting](https://github.com/ash-project/ash/security/advisories/new)
or via email to [`security@ash-hq.org`](mailto:security@ash-hq.org) if this does not work for you.

Someone from the core team respond within 3 working days of your
report. If the issue is confirmed as a vulnerability, we will open a Security
Advisory. This project follows a 90 day disclosure timeline.

If you have questions about reporting security issues, email the vulnerability
management team: [`security@erlef.org`](mailto:security@erlef.org)
chore: set up security policy 2024-04-22 01:48:14 +12:00			`# Security Policy`

			`[![OpenSSF Vulnerability Disclosure](https://img.shields.io/badge/OpenSSF-Vulnerability_Disclosure-green)](https://github.com/ossf/oss-vulnerability-guide/blob/main/finder-guide.md)`
			`[![GitHub Report](https://img.shields.io/badge/GitHub-Security_Advisories-blue)](https://github.com/ash-project/ash/security/advisories/new)`
			`[![Email Report](https://img.shields.io/badge/Email-security%40ash-hq.org-blue)](mailto:security@ash-hq.org)`

			`This repository follows the [OpenSSF Vulnerability Disclosure guide](https://github.com/ossf/oss-vulnerability-guide/tree/main). You can learn more about it in the [Finders Guide](https://github.com/ossf/oss-vulnerability-guide/blob/main/finder-guide.md).`

			`Please report vulnerabilities via the [GitHub Security Vulnerability Reporting](https://github.com/ash-project/ash/security/advisories/new)`
			or via email to [`security@ash-hq.org`](mailto:security@ash-hq.org) if this does not work for you.

			`Someone from the core team respond within 3 working days of your`
			`report. If the issue is confirmed as a vulnerability, we will open a Security`
			`Advisory. This project follows a 90 day disclosure timeline.`

			`If you have questions about reporting security issues, email the vulnerability`
			management team: [`security@erlef.org`](mailto:security@erlef.org)