romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-14 22:01:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

SECURITY: mention OpenSSF best practices gold badge

Browse source 
Closes #14319
This commit is contained in:
Viktor Petersson 2024-07-30 18:24:13 +01:00 committed by Daniel Stenberg
parent 88cae14550
commit 6fc66e1676
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
SECURITY.md
View file

@ -14,3 +14,14 @@ If you have found or just suspect a security problem somewhere in curl or
libcurl, report it on [HackerOne](https://hackerone.com/curl).
We treat security issues with confidentiality until controlled and disclosed responsibly.
## OpenSSF Scorecard
curl has earned Gold status on the OpenSSF Best Practices, reflecting its adherence to
rigorous security and best practice standards. This achievement highlights curl's
comprehensive documentation, secure development processes, effective change control
mechanisms, and strong maintenance routines. Meeting these criteria demonstrates curl's
commitment to security and reliability, ensuring the project's sustainability and
trustworthiness. This recognition by OpenSSF underscores curl's role as a leader in
open-source software practices. More information can be found on
their [OpenSSF page](https://www.bestpractices.dev/projects/63).