RFR: 8340815: Add SECURITY.md file
George Adams
gdams at openjdk.org
Tue Sep 24 19:20:11 UTC 2024
On Tue, 24 Sep 2024 16:31:00 GMT, Erik Joelsson <erikj at openjdk.org> wrote:
> My personal opinion is that one should always try to avoid duplicating/forking documentation, so if we are to create a security.md file to populate the security tab in GitHub, then it should only contain a link to the official documentation on openjdk.org. You also need to keep in mind that this file would be unique for every update release repository, so any change would need to be backported everywhere. That makes maintaining this kind of information in the project source repository quite impractical.
Thanks for the feedback, I've updated this PR to simply include a link to the official policy on the website now
-------------
PR Comment: https://git.openjdk.org/jdk/pull/21155#issuecomment-2372138025
More information about the build-dev
mailing list