Commit e775100

add security.md
1 parent 1daac4a commit e775100

1 file changed

+30
-0
lines changed

SECURITY.md

Lines changed: 30 additions & 0 deletions
@@ -0,0 +1,30 @@
1+
# Security Policy for Lightning Flow Scanner
2+
3+
## Security Practices
4+
5+
- Code is open-source and peer-reviewed by the community.
6+
- Vulnerabilities can be reported privately via GitHub security features.
7+
- Changes to the repository are scanned and reviewed before merging.
8+
9+
## Reporting a Vulnerability
10+
11+
If you discover a security vulnerability, please report it using [GitHub vulnerability reporting](https://github.com/Flow-Scanner/lightning-flow-scanner-cli/security).
12+
13+
## Data Handling
14+
15+
This project collects zero user data. No credentials, PII, payment info, or health data is ever stored, transmitted, or shared. All analysis runs 100% client-side with no network calls to any external services.
16+
17+
## Dependencies
18+
19+
We actively track and maintain an up-to-date inventory of all third-party dependencies to ensure security and compatibility. Our dependencies include:
20+
21+
| Package | License | Purpose |
22+
| ----------------------------------- | ------- | ------- |
23+
| `@oclif/core` | [MIT](https://github.com/oclif/oclif/blob/main/LICENSE) | CLI framework core utilities |
24+
| `@salesforce/core` | [BSD-3-Clause](https://github.com/salesforce/core/blob/main/LICENSE) | Salesforce core library for CLI plugins |
25+
| `@salesforce/sf-plugins-core` | [BSD-3-Clause](https://github.com/salesforce/sf-plugins-core/blob/main/LICENSE) | Base library for Salesforce CLI plugins |
26+
| `chalk` | [MIT](https://github.com/chalk/chalk/blob/main/license) | Terminal string styling (colors) |
27+
| `cosmiconfig` | [MIT](https://github.com/davidtheclark/cosmiconfig/blob/main/LICENSE) | Config file loader for JavaScript/Node |
28+
| `fs-extra` | [MIT](https://github.com/jprichardson/node-fs-extra/blob/master/LICENSE) | Extended filesystem utilities |
29+
| `glob` | [MIT](https://github.com/isaacs/node-glob/blob/master/LICENSE) | File pattern matching |
30+
| `lightning-flow-scanner-core` | [MIT](https://github.com/Flow-Scanner/lightning-flow-scanner-core/blob/main/LICENSE.md) | Salesforce Flow scanning utilities |
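
Review bot: The Dependencies table (new lines 21-30) lists package names with no versions, so the "up-to-date inventory" statement on new line 19 cannot be checked from this file, and a hand-written table will drift as soon as a dependency is added or bumped. Consider naming the package manifest and lockfile as the source of truth, or generating the table from them. In the same table, the `@oclif/core` row links its license to the `oclif/oclif` repository, which does not match the package name, so that link is worth verifying. The Reporting a Vulnerability section (new line 11) gives only a link; stating the expected response time and which versions receive fixes would tell reporters what to expect.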
