Networks/Reticulum-Go

Files

Sudo-Ivan 82523cc7df

Update SECURITY.md to include Gitea instance for actions, specify CycloneDX for BOM generation, and clarify vulnerability reporting process.

2025-12-28 21:21:34 -06:00

529 B

Raw Permalink Blame History

Security Policy

Supply Chain Security

All actions are pinned to a full-length commit hash and have been forked to my Gitea instance in https://git.quad4.io/actions
BOM generation using CycloneDX

Cryptography Dependencies

golang.org/x/crypto v0.46.0 for core cryptographic primitives
- hkdf
- curve25519
go/crypto
- ed25519
- sha256
- rand
- aes
- cipher
- hmac

Reporting a Vulnerability

Refer to https://quad4.io/security for how to report vulnerabilities.