So behind the scene something added a new commit https://github.com/dotnet/efcore/commit/659ecfd2842cb6710d40ecf39f671c28b437fc4f
(tell me more about automation taking over the world!)
Anyway, looking at aspnetcore repo the details have changed a little https://github.com/dotnet/aspnetcore/pull/19236
Our repo does not have security.MD in repo root, rather it is inside .github folder.
- Which one do we keep?
- Make sure the one we keep is up-to-date.
smitpatel
All 9 comments
@Pilchie We would like to understand:
- What happened here that resulted in a bot adding a file to the repo without any PR or sign-off
- What the guidance is for
security.mdespecially given that we now have two files in two locations with conflicting information.
ajcvickers
on 28 Feb 2020
I'm not sure what this is. @mmitche do you know?
Pilchie
on 29 Feb 2020
@terrajobst did this as a project for Barry
mmitche
on 2 Mar 2020
@terrajobst Ping.
ajcvickers
on 9 Mar 2020
@terrajobst Ping.
ajcvickers
on 16 Mar 2020
- What happened here that resulted in a bot adding a file to the repo without any PR or sign-off
I've sent you an email with the details
- What the guidance is for
security.mdespecially given that we now have two files in two locations with conflicting information.
That I don't know. @blowdart needs to answer how he sees SECURTY.md vs. docs/security.md.
terrajobst
on 16 Mar 2020
Its your choice really, as long as all the info is there, including the bug bounty link then I'm good.
blowdart
on 16 Mar 2020
@smitpatel Do you want to clean this up?
ajcvickers
on 16 Mar 2020
Yes, I do.
smitpatel
on 16 Mar 2020
Related issues
miguelhrocha
路
3Comments
julienshepherd
路
3Comments
HappyNomad
路
3Comments
yukozh
路
3Comments
januszj
路
3Comments
Most helpful comment
Its your choice really, as long as all the info is there, including the bug bounty link then I'm good.