
docs: restore canonical security policy over bot-added SECURITY.md #1605

Open: WilliamBergamin wants to merge 1 commit into main from restore-security-policy

@WilliamBergamin (Contributor) commented Jun 19, 2026

What & why

The Salesforce OSPO Service Bot committed a top-level SECURITY.md to this repo. But in fact we want to direct reporters to the Slack bug bounty program on HackerOne (https://hackerone.com/slack).

The fix

This PR moves .github/SECURITY.md to the repository root, which:

  • replaces the bot-added SECURITY.md with the maintained policy, and
  • removes the now-redundant .github/SECURITY.md.

Move .github/SECURITY.md to the repository root so it replaces the
top-level SECURITY.md added by the Salesforce OSPO Service Bot on
2026-06-02. GitHub resolves security policy with root taking precedence
over .github/, so the bot file had silently shadowed the maintained
policy. This restores the correct reporting channel.

Co-Authored-By: Claude <svc-devxp-claude@slack-corp.com>
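
A guard against the shadowing described in the commit message above, as an added example that is not part of this PR or the project's code: a POSIX shell function that fails when more than one SECURITY.md exists among the locations GitHub accepts for a security policy (repository root, `.github/`, `docs/`), or when the single policy omits the expected reporting URL. The function name `check_security_policy` and its return codes are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not the project's code): detect duplicate or wrong
# security policy files in a checked-out repository.
#
# Usage: check_security_policy REPO_DIR EXPECTED_URL
# Return codes (chosen for this example):
#   0  exactly one policy file exists and it contains EXPECTED_URL
#   1  several policy files exist, so one may shadow the other
#   2  no policy file exists
#   3  the single policy file does not mention EXPECTED_URL
check_security_policy() {
    repo=$1
    expected=$2
    count=0
    found=

    # Locations GitHub accepts for a repository security policy.
    for candidate in SECURITY.md .github/SECURITY.md docs/SECURITY.md; do
        if [ -f "$repo/$candidate" ]; then
            count=$((count + 1))
            found="$found $candidate"
        fi
    done

    if [ "$count" -eq 0 ]; then
        echo "no SECURITY.md found in $repo"
        return 2
    fi

    if [ "$count" -gt 1 ]; then
        # Report every copy so a reviewer can decide which one to keep.
        echo "multiple policy files:$found"
        return 1
    fi

    policy=${found# }   # strip the leading separator space
    if ! grep -qF -- "$expected" "$repo/$policy"; then
        echo "$policy does not mention $expected"
        return 3
    fi

    echo "ok: $policy"
    return 0
}
```

In a CI step, call `check_security_policy . https://hackerone.com/slack` and fail the job on a non-zero status.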

@codecov (Bot) commented Jun 19, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.32%. Comparing base (803231d) to head (921d008).
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@            Coverage Diff            @@
##               main    #1605   +/-   ##
=========================================
  Coverage     73.32%   73.32%           
  Complexity     4520     4520           
=========================================
  Files           478      478           
  Lines         14300    14300           
  Branches       1490     1490           
=========================================
  Hits          10486    10486           
  Misses         2923     2923           
  Partials        891      891           
Flag Coverage Δ
jdk-14 73.32% <ø> (ø)


@WilliamBergamin WilliamBergamin self-assigned this Jun 19, 2026
@WilliamBergamin WilliamBergamin marked this pull request as ready for review June 19, 2026 18:56
@WilliamBergamin WilliamBergamin requested a review from a team as a code owner June 19, 2026 18:56
@WilliamBergamin WilliamBergamin added the docs M-T: Documentation work only label Jun 19, 2026

@zimeg (Member) left a comment


@WilliamBergamin Kind thanks for keeping these visible and current 🔐
