mirror of
https://github.com/placeholder-soft/asdf-plugins.git
synced 2026-01-12 08:44:17 +08:00
docs: explicitly state no security for this repo (#754)
This commit is contained in:
James Hegedus
30
SECURITY.md
Normal file
30
SECURITY.md
Normal file
@@ -0,0 +1,30 @@
|
||||
# Security Policy
|
||||
|
||||
We do not offer any security policy for the contents of this repository.
|
||||
|
||||
## No Security Provided
|
||||
|
||||
This repository was created as a usability convenience, it is not required to
|
||||
use asdf.
|
||||
|
||||
This repository is a collection of asdf plugins found online, it is a collaborative
|
||||
effort by the community. Repositories linked from here are:
|
||||
|
||||
- not covered by any security policy from the asdf team
|
||||
- not scanned automatically for dangerous or malicious operation
|
||||
|
||||
## What the asdf Team Recommend
|
||||
|
||||
The expectation is that users will vet the code of each plugin before use, as is
|
||||
expected of other OSS plugin and package ecosystems.
|
||||
|
||||
The asdf core team discourage the use of this shortname repository. Read the code
|
||||
in the plugins you use. Install the plugins you trust via the direct URL method:
|
||||
|
||||
```bash
|
||||
asdf plugin add <name> <git_url>
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
For the asdf core Security Policy, see https://github.com/asdf-vm/asdf/blob/master/SECURITY.md
|
||||
Reference in New Issue
Block a user