I have built a system at Aiven that takes the .md files in the project root and adds them to the site. We could do the same. Fairly simple. Then SECURITY.md would just compile to html on the site
LinkedIn: http://www.linkedin.com/in/claudewarren On Mon 1 Jun 2026, 07:19 P. Ottlinger, <[email protected]> wrote: > Hi, > > Am 31.05.26 um 13:21 schrieb Claude Warren: > > I think that if we add a security file with the above statments we can > > disable the XXE_DOCUMENT issue in spotbugs. > > +1 > > I've added https://issues.apache.org/jira/browse/RAT-558 to take care of > that. > > Apart from the plain SECURITY.md we should add a note to the webpage - > what do you think? migration guide or a separate page linked from the > menu tree? > > Thanks > Phil >
