Skip to content

Security: kununu/testing-bundle

Security

SECURITY.md

Security Policy

For external contributors

If you want to report any security vulnerabilities please do so by creating an issue. Additionally, if you have a fix then please create a pull request and link it to the issue you have created.

For kununu developers

Reporting a Vulnerability

Jira is our entrypoint to report security vulnerabilities. Having this in mind a KUNSECU user story (type Vulnerability) needs to be created.

How to fill the user story?

Follow this documentation.

To which team do I assign the user story?

Follow the domain ownership matrix and assign it to the corresponding team.

Reporting the update of dependencies

This is the benefit of having Dependabot. It will open pull requests for security and version updates. For more information check the GitHub documentation.

There aren’t any published security advisories