Publish a security policy
pnacht opened this issue · comments
Is your feature request related to a problem? Please describe.
KerasTuner doesn't currently have a security policy defining how users or security researchers can privately disclose vulnerabilities they've found.
Describe the solution you'd like
KerasTuner should have a security policy. This would be best done in its own SECURITY.md file. These files are given special treatment by GitHub: the policy is displayed in the project's public security dashboard, and a new "issue type" is created that redirects users to the policy if they've found a vulnerability.
Additional context
Other keras-team projects have adopted security policies (see keras-team/keras#18762, keras-team/keras-cv#2142, keras-team/tf-keras#683).