docs: add contributor, security, and forge templates
Add CONTRIBUTING/SECURITY/CHANGELOG, Gitea issue and PR templates, and README guidance for Gitea metadata and releases. Made-with: Cursor
This commit is contained in:
20
SECURITY.md
Normal file
20
SECURITY.md
Normal file
@@ -0,0 +1,20 @@
|
||||
# Security policy
|
||||
|
||||
## Supported versions
|
||||
|
||||
This repository is under active development. Security fixes land on the default branch (`main`) first.
|
||||
|
||||
## Reporting a vulnerability
|
||||
|
||||
Please email the repository maintainers with:
|
||||
|
||||
- a short description of the issue
|
||||
- steps to reproduce (if applicable)
|
||||
- affected component (`solver-api`, `gui-ts`, `solver-c`, Docker, etc.)
|
||||
|
||||
Do not open a public issue for undisclosed vulnerabilities.
|
||||
|
||||
## Scope notes
|
||||
|
||||
- The local API is intended for **trusted development networks**. Do not expose it to the public internet without hardening (TLS, auth, rate limits, reverse proxy).
|
||||
- Treat uploaded XML as untrusted input at API boundaries.
|
||||
Reference in New Issue
Block a user