lhotari commented on PR #16962: URL: https://github.com/apache/pulsar/pull/16962#issuecomment-1209075801
I hope that the information about the vulnerability handling process could also be added to SECURITY.md . Duplication of information is justified in this case. Hiding relevant information behind yet another click could result in information being missed. I'd suggest that we also add these sentences to SECURITY.md: > The Pulsar community follows the ASF [vulnerability handling process](https://apache.org/security/#vulnerability-handling). > > To report a new vulnerability you have discovered please follow the [ASF vulnerability reporting process](https://apache.org/security/#reporting-a-vulnerability). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
