docs: add org-level security policy for all wolfSSL repos #4

Open: MarkAtwood wants to merge 1 commit into main from add-org-security-policy

@MarkAtwood

Summary

  • Add SECURITY.md to the wolfSSL org .github repo
  • Points to the canonical vulnerability disclosure policy at
    https://www.wolfssl.com/.well-known/vulnerability-disclosure-policy.txt
  • Includes PGP key fingerprint and contact info for immediate use
  • This file serves as the default security policy for every wolfSSL
    GitHub repo that does not have its own SECURITY.md

Currently only wolfSSL/wolfssl has a SECURITY.md. This gives
wolfBoot, wolfssh, wolfMQTT, wolfTPM, wolfCOSE, and all other repos
a Security tab without needing per-repo files.

Add SECURITY.md pointing to the canonical vulnerability disclosure
policy at wolfssl.com. This gives every wolfSSL repo without its own
SECURITY.md a Security tab on GitHub.
Copilot AI review requested due to automatic review settings May 29, 2026 17:43

Copilot AI left a comment

Pull request overview

Adds an organization-level SECURITY.md to the wolfSSL .github repo so GitHub repositories without a per-repo policy will still show a Security tab with consistent vulnerability reporting guidance.

Changes:

  • Introduces SECURITY.md with primary security contact channels (email/phone).
  • Provides PGP fingerprint and key server for encrypted reports.
  • Links to the canonical coordinated vulnerability disclosure policy URL and lists covered products.

Comment thread SECURITY.md
Comment on lines +5 to +6
Report security vulnerabilities to **support@wolfssl.com** or call **+1-425-245-8247**.

@MarkAtwood MarkAtwood requested a review from cconlon May 29, 2026 17:57

2 participants