Skip to content

[codex] Add security policy#566

Merged
kevinlzw merged 1 commit into
zmartzone:masterfrom
kevinlzw:codex/add-security-policy
Jun 20, 2026
Merged

[codex] Add security policy#566
kevinlzw merged 1 commit into
zmartzone:masterfrom
kevinlzw:codex/add-security-policy

Conversation

@kevinlzw

Copy link
Copy Markdown
Collaborator

Summary

Adds a SECURITY.md policy that explains how security vulnerabilities should be reported privately and clarifies the general scope for security issues in lua-resty-openidc.

The policy intentionally avoids strict response-time or long-term support commitments while giving reporters useful information to include, such as affected versions and relevant OpenResty, NGINX, and dependency versions.

Validation

  • Verified the branch is based on the latest upstream/master.
  • Verified the PR diff only includes SECURITY.md and the ChangeLog entry.
  • Did not run the Docker test suite because this is a documentation-only change.

@kevinlzw kevinlzw marked this pull request as ready for review June 20, 2026 13:27
@kevinlzw kevinlzw merged commit 4555cb8 into zmartzone:master Jun 20, 2026
1 check passed
@kevinlzw kevinlzw deleted the codex/add-security-policy branch June 20, 2026 13:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant