Repositories may now specify a security policy by creating a file named SECURITY.MD. This file should be used to instruct users about how and when to report security vulnerabilities to the repository maintainers. When included, this file will be shown in the repository’s “Security” tab, and in the new issue workflow.
See what launched at GitHub Universe
Missed the main event? Learn more about everything that launched at GitHub Universe, from GitHub for mobile and a redesigned notifications experience to the GitHub Archive Program.Read the day one keynote recap
Secure the world's code, together
On day two of GitHub Universe, we announced GitHub Security Lab, bringing together security researchers, maintainers, and companies across the industry to secure open source.Read the day two keynote recap