1. GitHub Project Adopts Minimalist Security Policy, Rejects 'Hall of Fame' and Formal CVE Promises
A GitHub repository has formalized its vulnerability disclosure policy with a starkly pragmatic approach, explicitly rejecting common community incentives and formal coordination promises that a small, pre-beta project cannot sustain. The new SECURITY.md file, added to close a long-standing issue, establishes GitHub's ...