Agregar una política de seguridad a tu repositorio

Puedes dar instrucciones de cómo reportar una vulnerabilidad de seguridad en tu proyecto si agregas una política de seguridad a tu repositorio.

  1. On GitHub, navigate to the main page of the repository.

  2. Under the repository name, click Security. If you cannot see the "Security" tab, select the dropdown menu, and then click Security.

    Screenshot of a repository header showing the tabs. The "Security" tab is highlighted by a dark orange outline.

  3. In the left sidebar, under "Reporting", click Policy.

  4. Click Start setup.

  5. In the new SECURITY.md file, add information about supported versions of your project and how to report a vulnerability.

  6. Click Commit changes...

  7. In the "Commit message" field, type a short, meaningful commit message that describes the change you made to the file. You can attribute the commit to more than one author in the commit message. For more information, see Creating a commit with multiple authors.

  8. Below the commit message fields, decide whether to add your commit to the current branch or to a new branch. If your current branch is the default branch, you should choose to create a new branch for your commit and then create a pull request. For more information, see Creating a pull request.

    Screenshot of a GitHub pull request showing a radio button to commit directly to the main branch or to create a new branch. New branch is selected.

  9. Click Commit changes or Propose changes.

Further reading