Merge pull request #177 from shreelakshmijoshi/feature/adding-securit…

…y-markdownfile Feature: Add SECURITY.md
datakaveri · Sep 12, 2024 · 2358731 · 2358731
2 parents 3c26403 + b3a6a9a
commit 2358731
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 0 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md
@@ -7,6 +7,7 @@ assignees: ''
 
 ---
 
+* To report vulnerabilities please refer [SECURITY.md](https://github.com/datakaveri/dx-acl-apd/blob/main/SECURITY.md)
 
 ### Current Behavior:
 <!-- A concise description of what you're experiencing. -->

diff --git a/.github/workflows/update_wiki.yml b/.github/workflows/update_wiki.yml
@@ -36,6 +36,7 @@ jobs:
           cp -r LICENSE wiki/LICENSE.md | 
           cp -r CODE_OF_CONDUCT.md wiki/ |
           cp -r CONTRIBUTING.md wiki/ | 
+          cp -r SECURITY.md wiki/ |
           ls -la wiki/
 
       - name: Copy and Modify README for Wiki
@@ -69,6 +70,7 @@ jobs:
           mv wiki/LICENSE.md wiki/08-License.md
           mv wiki/CODE_OF_CONDUCT.md wiki/09-Code-of-conduct.md | sed -i -e 's/.\/docs\/cdpg.png/cdpg.png/ ' wiki/09-Code-of-conduct.md 
           mv wiki/CONTRIBUTING.md wiki/10-Contributing.md | sed -i -e 's/.\/docs\/cdpg.png/cdpg.png/ ' wiki/10-Contributing.md 
+          mv wiki/SECURITY.md wiki/11-Security.md | sed -i -e 's/.\/docs\/cdpg.png/cdpg.png/ ' wiki/11-Security.md
           ls -la wiki  # List files to verify renaming
 
 

diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,25 @@
+<p align="center">
+<img src="./docs/cdpg.png" width="300">
+</p>
+
+**Thanks for reporting the vulnerability issue**! :vulcan_salute:
+<br>
+If you find any potential vulnerabilities in Data Exchange servers, please report it to us in a confidential way 
+by adding the following content in the email:
+
+```
+From: <email-ID>
+To: DX Admin <[email protected]>, DX Support <[email protected]>
+Subject: Vulnerability report
+Attachement: <screenshots, reports, videos, etc., > 
+Body:
+    Type of the issue: <ex: SQL Injection>,
+    Affected files: <path to affect files>,
+    Prerequisities: <configurations to reproduce the issue>,
+    Steps: <All the steps to follow to reproduce the issue>,
+    Impact of the issue: <About the issue causing any further problems>,
+    Anything else: <links? references? anything that will give us more context about the issue>
+        
+```
+
+