Skip to content

Commit ae28c6b

Browse files
committed
chore: add SECURITY.md and Apache-2.0 LICENSE
1 parent 1111bfb commit ae28c6b

2 files changed

Lines changed: 5 additions & 53 deletions

File tree

LICENSE

Lines changed: 1 addition & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1 @@
1-
# CODEOWNERS
2-
* @mak3r-cyber
3-
4-
# SECURITY.md
5-
Security contact: security.contact@mak3r-cyber.dev
6-
7-
# LICENSE File
8-
MIT License
9-
10-
Copyright (c) 2025 Kamilia Meliani / Lazreg Meliani
11-
12-
Permission is hereby granted, free of charge, to any person obtaining a copy
13-
of this software and associated documentation files (the "Software"), to deal
14-
in the Software without restriction, including without limitation the rights
15-
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
16-
copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
17-
18-
The above copyright notice and this permission notice shall be included in all
19-
copies or substantial portions of the Software.
20-
21-
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22-
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23-
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24-
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25-
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26-
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
27-
SOFTWARE.
1+
Apache License 2.0

SECURITY.md

Lines changed: 4 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,5 @@
11
# Security Policy
2-
3-
## Reporting a Vulnerability
4-
5-
We take the security of our framework seriously and appreciate the community's efforts to responsibly disclose vulnerabilities.
6-
7-
If you believe you have found a security vulnerability in the Healthcare IoMT Risk Assessment Framework, please follow these guidelines:
8-
9-
1. **DO NOT** open a public GitHub issue.
10-
2. **DO NOT** discuss the vulnerability publicly until it has been patched.
11-
3. **REPORT PRIVATELY:** Send an email to the project maintainer at:
12-
**[VOTRE_EMAIL_DE_SECURITE]**
13-
4. **Encryption:** If possible, use the project maintainer's PGP key (available upon request) to encrypt the report.
14-
15-
### Information to Include in the Report
16-
17-
Please include the following details to help us assess the vulnerability quickly:
18-
* A clear description of the vulnerability (type, impact).
19-
* The exact component or file affected (e.g., `tools/csv2xlsx.py`).
20-
* Steps to reproduce the vulnerability (proof of concept).
21-
* Any suggested mitigation or fix.
22-
23-
## Our Policy
24-
25-
We aim to acknowledge all private reports within **3 business days** and plan a full response or patch within **30 days** depending on the severity.
26-
27-
Thank you for helping keep this project secure.
2+
Signalement vulnérabilités: security.contact@mak3r-cyber.dev
3+
Délai de divulgation responsable: 90 jours (par défaut).
4+
Branches supportées: main.
5+
Pas de données réelles dans les issues.

0 commit comments

Comments
 (0)