Create a security policy document (#1889)

* Create a security policy document * sp * spell out mailto link
2025-12-10 00:44:37 -06:00 · 2023-02-16 09:35:17 -08:00 · 2023-02-16 09:35:17 -08:00 · 85d4d180f5
commit 85d4d180f5
parent 56bddee418
1 changed files with 22 additions and 0 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,22 @@
+# Security Policy
+
+The F´ team secures our code base using a combination of code review, dependency review, and static analysis performed during automated pull request
+verification. We welcome general bug reports and vulnerability reports from the larger community.
+
+### Reporting a Vulnerability
+
+For general defects, please submit a [Bug Report](https://github.com/nasa/fprime/issues/new/choose)
+
+To report a vulnerability for F´ please use the [vulnerability report form](https://github.com/nasa/fprime/security/advisories/new) or send a detailed
+report to [fprime@jpl.nasa.gov](mailto:fprime@jpl.nasa.gov). 
+
+### Static Analysis Checks
+
+The [GitHub Actions workflows](https://github.com/nasa/fprime/blob/devel/.github/workflows/) are available to the public. To review the results, fork the
+repository and run the workflows. 
+
+These checks are run on each pull request submitted to F´.
+
+### General Support
+
+For additional support, please open a [Discussion](https://github.com/nasa/fprime/discussions).