docs: add SECURITY.md

Signed-off-by: Diana Lau <dhmlau@ca.ibm.com>
This commit is contained in:
Diana Lau 2022-03-29 10:15:46 -04:00
parent b87431fb2c
commit 5811666c60
1 changed files with 19 additions and 0 deletions

19
SECURITY.md Normal file
View File

@ -0,0 +1,19 @@
# Security Policy
## Security advisories
Security advisories can be found on the
[LoopBack website](https://loopback.io/doc/en/sec/index.html).
## Reporting a vulnerability
If you think you have discovered a new security issue with any LoopBack package,
**please do not report it on GitHub**. Instead, send an email to
[security@loopback.io](mailto:security@loopback.io) with the following details:
- Full description of the vulnerability.
- Steps to reproduce the issue.
- Possible solutions.
If you are sending us any logs as part of the report, then make sure to redact
any sensitive data from them.