Skip to content

Security: ThalesGroup/MMS-compiler

Security

SECURITY.md

The following security policies are applicable to the MMS Compiler source code, documentation and releases. Please, follow these rules if you wish to contribute to the project.

Goods practices to follow

⚠️Never store credentials information into source code or config file in a GitHub repository

  • Block sensitive data being pushed to GitHub by git-secrets or its likes as a git pre-commit hook
  • Audit for slipped secrets with dedicated tools
  • Use environment variables for secrets in CI/CD (e.g. GitHub Secrets) and secret managers in production
  • Don't include links to external websites or files

Security Policy

Supported Versions

Version Supported
1.0

Reporting a Vulnerability

Please, use the Security Discussions section to report vulnerabilities or any other security concerns.

Security Update policy

Vulnerabilities will be communicated via GitHub Advisories and a description of the issue will be included in the release notes.

There aren’t any published security advisories