This commit adds a security policy to this repository. SECURITY.md files
are handled in a special way by GitHub, helping users to know how to
best submit security issues for the projects.
In this case, we simply point to our existing documentation on
prometheus.io.
The content of this file will be synced automatically with the
prometheus/prometheus repository, as our security policy covers all the
repositories. This sync is automated with prombot, like other files
(LICENSE, Makefile.common).
https://docs.github.com/en/free-pro-team@latest/github/managing-security-vulnerabilities/adding-a-security-policy-to-your-repository
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
--- /dev/null
+# Reporting a security issue
+
+The Prometheus security policy, including how to report vulnerabilities, can be
+found here:
+
+https://prometheus.io/docs/operating/security/