New Lifter Improvement: Coordinated Disclosure Plans

There had been some discussion around security and coordinated disclosure plans here on the forum and so today we’ve released a new security-related task.

This new coordinated disclosure task allows you to tell us about your project’s security policy. If your project opts in to the Tidelift-managed process, all you need to do is link to our reporting page and provide a point of contact. If your have your own process in place, you’ll just provide a link to your security policy page.

You should have it on your project dashboards as of today. Check it out and let us know if you have any feedback on the process, the documentation, or the task itself.

Edit: There is also a related blog post here: https://blog.tidelift.com/enough-of-zero-day-fire-drills