Browse Source

Update SECURITY.md

pull/264/head
ZACHRY T WOOD 2 years ago committed by GitHub
parent
commit
cde4d0c583
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 145
      SECURITY.md

145
SECURITY.md

@ -1,21 +1,143 @@
Thanks for helping make GitHub safe for everyone. SAMPLEBARCODE
United States v. The Western Union Company Louisville, KY 40233-4027
## Security P.O. Box 404027
GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub). LEGAL NOTICE
Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we will ensure that your finding gets passed along to the appropriate maintainers for remediation. See other side for details
## Reporting Security Issues Postal Service: Please Do Not Mark Barcode
If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure. WUU-12345678-9
**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.** Jane Doe
Instead, please send an email to opensource-security[@]github.com. CLAIM ID
Please include as much of the information listed below as you can to help us better understand and resolve the issue: 1234 Main Street
Anywhere, USA 55555
WUU
''#!/'require'' ':'' '#!/User/bin/Bash/ sh.run'''":,
'-'" '#'' ':BEGIN'' ':''
'"Glow7'' ':''
'"aws-verification@amazon.com'' :''":,
'"Please'.'" ':''":,
Return 'Run'' { "if : true. = continue-on("(false(error(throw : true.))" }":,
branches: trunk
Name:ISSUES_TEMPLATE/parameter/Request/Response.md/Draft_Template/PR/Pushs/pulls_request/Resources.md'@ci/CI'@pop-kernal/thimball/Py.org-WHISK'@Raven.yml ::
title :BITORE ::
-on :Runs ::
pull_request:
branches: -'[main'.yml']
Name: React Template CI
On -on:
pull_request:
branches: [trunk]
branches :-'['' 'Master'' ']''
jobs:
'#'Build'-#'And'-#Deployee :tests
tests :'#'Test'@'.'Travis'.yml:
name: Build & Test
runs-on: ubuntu-latest
branches : trunk
strategy:
matrix:
node-version: [16.14.x]
=======
strategy:
branches : master
steps:
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
@@ -81,58 +68,38 @@ index b67808b6..4d086721 100644
- await expect(page.getByText(/Repository stars:/i).nth(1)).toBeVisible();
+ await expect(page.getByText(/Repository Name:/i).nth(1)).toBeVisible()r;
+ await expect(page.getByText(/Repository full name:/i).nth(1)).toBeVisible(c);
+ await expect(page.getByText(/Repository stars:/i).nth(1)).toBeVisible
+ await expect(page.getByText(/Repository stars:/i).nth(1)).toBeVisible(r);
}); - uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: 'yarn'
- name: Install dependencies
run: yarn && yarn run initialize
- name: Lint
run: yarn lint:ci/CI
run: yarn lint:ci
- name: Test
run: yarn test
- name: Accessibility tests using Storybook
run: yarn test-storybook:ci
- name: Build
run: yarn build
- name: LHCI Benchmark
run: yarn lhci
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@master
with:
const :CREATE.CONSOLE( FUNC)ITEMS=: IS== YARG(AGS)).);
args: >
-Dsonar.organization=${{ secrets.SONAR_ORG}}
-Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY}}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# Create a folder under the drive root
$GIT mkdir actions-runner; cd actions-runner# Download the latest runner package
$GIT Invoke-WebRequest -Uri https://github.com/actions/runner/releases/download/v2.303.0/actions-runner-win-arm64-2.303.0.zip -OutFile actions-runner-win-arm64-2.303.0.zip# Optional: Validate the hash
$GIT if((Get-FileHash -Path actions-runner-win-arm64-2.303.0.zip -Algorithm SHA256).Hash.ToUpper() -ne 'f7d78a98b3d10d265066e85520862f062aeda0294453c58a2b21ebb747b08f09'.ToUpper()){ throw 'Computed checksum did not match' }# Extract the installer
$GIT Add-Type -AssemblyName System.IO.Compression.FileSystem ; [System.IO.Compression.ZipFile]::ExtractToDirectory("$PWD/actions-runner-win-arm64-2.303.0.zip", "$PWD")
Configure
# Create the runner and start the configuration experience
$ ./config.cmd --url https://github.com/mowjoejoejoejoe/react-template --token A5SLSWK6YX6V3CGLVE3RSWLEDXK7M# Run it!
$ ./run.cmd
Using your self-hosted runner
# Use this YAML in your workflow file for each job
run-on :* bitore.sig (#18)
* Create README.md
* Rename Pull requests Issues Codespaces Marketplace Explore @mowjoejoejoejoe mowjoejoejoejoe/WORKSFLOW Public Cannot fork because you own this repository and are not a member of any organizations. Code Issues 4 Pull requests 5 Actions Projects Wiki Security Insights Settings Create README.md main @mowjoejoejoejoe mowjoejoejoejoe committed now 1 parent fea51ea commit 33efcdac801d6dc62bb531cc7784671683158d69 Showing 1 changed file with 36 additions and 0 deletions. 36 README.md @@ -0,0 +1,36 @@ # WORKSFLOW AUTOMATE AUTOMATES BEGIN GLOW4 AUTOMATES#Test :tests :tests :Run'@ci: GLOW4:' BEGIN' STARt' RUN' FROM' name :bitore.sig Title'' ':'Nan.yml'' : -on :ON : starts-on :GLOW7 : workflows_call-on :dispatch ::':repositories/WORKFLOW.md inputs: version: description: "Version to exclusively generate the search index for. E.g. 'dotcom', 'ghes-3.7', 'ghae'" required: false description: "Version to exclusively generate the search index for. E.g. 'dotcom', 'ghcr'@v'"-3.7.9.11.10'"'' : , 'ghrc/cadd.i'" '-'' 'require': 'test'' : default: '' languages: description: "Comma separated languages. E.g. 'en,ja, es' (defaults to all)" required: false default: '' schedule: - cron: '20 */24 * * *' # Run every 24 hours at 20 minutes past the hour workflow_run: workflows: ['Azure Production - Build and Deploy'] types: - completed permissions: contents: read # This allows a subsequently queued workflow run to cancel previous runs concurrency: group: '${{ github.workflow }} @ ${{ github.head_ref }} ${{ github.event_name }}' Primary a`observatory.yml to WORKSFLOW.md
* Update WORKSFLOW.md (#14)
* Update WORKSFLOW.md (#15)
* Update Automate.yml
* Update README.md
* Update and rename WORKSFLOW.md to WORKFLOWS/Resources.md
* Update README.md
* Update and rename README.md to bitore.sig
* Update bitore.sig
* Update bitore.sig
* Create README.md
* Update and rename README.md to dylan/th.boop peter-evans build script data assets image in -dylan ranger/bitore.sig/BITCORE : 6 th100X_flattened.exports-module/sample/ecosystem.envirotment: RUNETIME.ENVIROMENT :phdf .exportsfile chosen Attach files by dragging & dropping, selecting or pasting them. Editing WORKSFLOW/README.md at ZW · mowjoejoejoejoe/WORKSFLOW · GitHub WORKSFLOW AUTOMATE AUTOMATES BEGIN GLOW4 AUTOMATests : #tests :'Run'@ci'' 'Test :tests :Run'@ci: darby the.boop peter-evans build script data assets image in -dylan ranger/bitore.sig/BITCORE :
::Build :
Publish :
th.pdf_100×_flattened.exports
# #!/User/bin/Bash/bitorr.sig/
ecosystem :ENVIROMENT.RUNETIME/WIZARD'@sun.java.org/iNstall/installer/src/code.dur/.dist'@Patch 5/index.md
#Checks'-out :repositories/dispatch-on:works
Flows_call-on :dispatches windows-framework*Win.RaWr.zip/WinZip.unzipped'@Jinja/jre.jar//*file_chosen
#//*Attach files by dragging & dropping, selecting or pasting them.
'#'Editing...','' ':WORKSFLOW::/workflows.md'@/README.md at ZW · mowjoejoejoejoe/WORKSFLOW · GitHub WORKSFLOW
AUTOMATE AUTOMATES BEGIN GLOW4 AUTOMATests :
#tests :'Run'@ci''
'Test :tests :Run'@ci:
darby the.boop peter-evans build script data assets image in -dylan ranger/bitore.sig/BITCORE :
#_______\S\_____________
#Authorized Signature
#Name: ZACHRY T WOOD
#title: OWNER
#Thanks for helping make GitHub safe for everyone.
## Security
GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we will ensure that your finding gets passed along to the appropriate maintainers for remediation.
## Reporting Security Issues
If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure.
**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
Instead, please send an email to opensource-security[@]github.com.
Please include as much of the information listed below as you can to help us better understand and resolve the issue:
* The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting) * The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
* Full paths of source file(s) related to the manifestation of the issue * Full paths of source file(s) related to the manifestation of the issue
* The location of the affected source code (tag/branch/commit or direct URL) * The location of the affected source code (tag/branch/commit or direct URL)
@ -23,9 +145,8 @@ Please include as much of the information listed below as you can to help us bet
* Step-by-step instructions to reproduce the issue * Step-by-step instructions to reproduce the issue
* Proof-of-concept or exploit code (if possible) * Proof-of-concept or exploit code (if possible)
* Impact of the issue, including how an attacker might exploit the issue * Impact of the issue, including how an attacker might exploit the issue
This information will help us triage your report more quickly. This information will help us triage your report more quickly.
## Policy ## Policy
See [GitHub's Safe Harbor Policy](https://docs.github.com/en/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor) See [GitHub's Safe Harbor Policy](https://docs.github.com/en/site-policy/security-policies/github-bug-bounty-program-legal-safe-harbor)
:Build::
Publish:

Loading…
Cancel
Save