github/awesome-cordova-plugins
2
0
Fork 1
mirror of https://github.com/danielsogl/awesome-cordova-plugins.git synced 2026-05-20 00:06:24 +08:00
Code Issues Projects Releases Wiki Activity

docs: add security policy for vulnerability reporting

Browse Source
This commit is contained in:
Daniel Sogl
2026-03-21 17:14:59 -07:00
parent e546d24411
commit a72284b499
1 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
SECURITY.md
+28
View File
@@ -0,0 +1,28 @@
# Security Policy
## Reporting a Vulnerability
If you discover a security vulnerability in Awesome Cordova Plugins, please report it responsibly.
**Do not open a public GitHub issue for security vulnerabilities.**
Instead, please send an email to the maintainer or use [GitHub's private vulnerability reporting](https://github.com/danielsogl/awesome-cordova-plugins/security/advisories/new).
### What to include
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Potential impact
### Response
You can expect an initial response within 72 hours. We will work with you to understand the issue and coordinate a fix before any public disclosure.
## Scope
This policy covers the `@awesome-cordova-plugins/*` TypeScript wrapper packages. For vulnerabilities in the underlying Cordova plugins themselves, please report to the respective plugin maintainers.
## Supported Versions
Only the latest major version receives security updates.