
Commit 5076f41

add security.md
1 parent fb74ce4 commit 5076f41

2 files changed

+27
-2
lines changed

SECURITY.md

Lines changed: 25 additions & 0 deletions
@@ -0,0 +1,25 @@
1+
# Security Policy for Lightning Flow Scanner
2+
3+
## Security Practices
4+
5+
- Code is open-source and peer-reviewed by the community.
6+
- Vulnerabilities can be reported privately via GitHub security features.
7+
- Changes to the repository are scanned and reviewed before merging.
8+
9+
## Reporting a Vulnerability
10+
11+
If you discover a security vulnerability, please report it using [GitHub vulnerability reporting](https://github.com/Flow-Scanner/lightning-flow-scanner-core/security).
12+
13+
## Data Handling
14+
15+
This project collects zero user data. No credentials, PII, payment info, or health data is ever stored, transmitted, or shared. All analysis runs 100% client-side with no network calls to any external services.
16+
17+
## Dependencies
18+
19+
We actively track and maintain an up-to-date inventory of all third-party dependencies to ensure security and compatibility. Our dependencies include:
20+
21+
| Package | License | Purpose |
22+
23+
| ------------- | ---------------------------------------------------------------------- | ----------------------- |
24+
25+
| `xmlbuilder2` | [MIT](https://github.com/oozcitak/xmlbuilder2/blob/master/LICENSE.txt) | XML builder for Node.js |
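
Review bot: The table under "## Dependencies" is hand-written and lists a single package, `xmlbuilder2`, while the sentence above it promises an up-to-date inventory of all third-party dependencies. Nothing in this commit ties the table to package.json, so it will go stale as dependencies change. Either say that the table covers runtime dependencies only and point readers to package.json for the rest, or generate the table as part of the build. Separately, "## Reporting a Vulnerability" gives the reporting link but no expected response time or supported versions, and the "## Data Handling" statement that there are no network calls to any external services is absolute, so it would help to say how that is checked.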

package.json

Lines changed: 2 additions & 2 deletions
@@ -8,12 +8,12 @@
88
"node": "^18 || ^20 || ^22 || ^23"
99
},
1010
"scripts": {
11-
"clean": "rm -rf out types",
11+
"clean": "rm -rf out",
1212
"build:js": "swc src --out-dir out --copy-files --strip-leading-paths --config-file .swcrc",
1313
"build:types": "tsc -p tsconfig.types.json --declaration --emitDeclarationOnly --outDir out",
1414
"copy:index": "cp out/main/index.js out/index.js || true",
1515
"copy:media": "mkdir -p out/assets/media && cp -r assets/media/* out/assets/media/ || true",
16-
"copy:root-files:out": "cp README.md LICENSE.md CONTRIBUTING.md package.json out/ || true",
16+
"copy:root-files:out": "cp README.md LICENSE.md SECURITY.md CONTRIBUTING.md package.json out/ || true",
1717
"copy:root-files:dist": "cp LICENSE.md dist/ || true",
1818
"____main____": "__DEVELOPER COMMANDS__",
1919
"build": "npm run clean && npm run build:js && npm run build:types && npm run copy:index && npm run copy:media && npm run copy:root-files:out",
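
Review bot: The `clean` script on line 11 changes from `rm -rf out types` to `rm -rf out`, which the commit message "add security.md" does not mention. It is consistent with `build:types` writing to `--outDir out`, but it belongs in its own commit or at least in the message, and a `types` directory left by earlier builds will no longer be cleaned up. In `copy:root-files:out` on line 16, the trailing `|| true` means a missing or renamed SECURITY.md makes `cp` fail without stopping the build, so the package can ship without the policy. Consider dropping `|| true` for this step or checking that `out/SECURITY.md` exists after the copy.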
