psw/borgmatic
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add security policy, such as it is.

Browse source
This commit is contained in:
Dan Helfman 2020-01-30 15:42:48 -08:00
parent 79f3b84ca2
commit 1ddde0910c
6 changed files with 49 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
NEWS
View file

@ -2,6 +2,7 @@
* #289: Tired of looking up the latest successful archive name in order to pass it to borgmatic * #289: Tired of looking up the latest successful archive name in order to pass it to borgmatic
actions? Me too. Now you can specify "--archive latest" to all actions that accept an archive actions? Me too. Now you can specify "--archive latest" to all actions that accept an archive
flag. flag.
* Add security policy documentation in SECURITY.md.
1.5.0 1.5.0
* #245: Monitor backups with PagerDuty hook integration. See the documentation for more * #245: Monitor backups with PagerDuty hook integration. See the documentation for more

7
README.md
View file

@ -119,7 +119,12 @@ If you'd like to chat with borgmatic developers or users, head on over to the
href="https://webchat.freenode.net/?channels=borgmatic">web chat</a> or a href="https://webchat.freenode.net/?channels=borgmatic">web chat</a> or a
native <a href="irc://chat.freenode.net:6697">IRC client</a>. native <a href="irc://chat.freenode.net:6697">IRC client</a>.
Other questions or comments? Contact <mailto:witten@torsion.org>. Also see the [security
policy](https://torsion.org/borgmatic/docs/security-policy/) for any security
issues.
Other questions or comments? Contact
[witten@torsion.org](mailto:witten@torsion.org).
### Contributing ### Contributing

19
SECURITY.md Normal file
View file

@ -0,0 +1,19 @@
---
title: Security policy
permalink: security-policy/index.html
---
## Supported versions
While we want to hear about security vulnerabilities in all versions of
borgmatic, security fixes will only be made to the most recently released
version. It's not practical for our small volunteer effort to maintain
multiple different release branches and put out separate security patches for
each.
## Reporting a vulnerability
If you find a security vulnerability, please [file a
ticket](https://torsion.org/borgmatic/#issues) or [send email
directly](mailto:witten@torsion.org) as appropriate. You should expect to hear
back within a few days at most, and generally sooner.

4
docs/Dockerfile
View file

@ -1,4 +1,4 @@
FROM python:3.7.4-alpine3.10 as borgmatic FROM python:3.8.1-alpine3.11 as borgmatic
COPY . /app COPY . /app
RUN pip install --no-cache /app && generate-borgmatic-config && chmod +r /etc/borgmatic/config.yaml RUN pip install --no-cache /app && generate-borgmatic-config && chmod +r /etc/borgmatic/config.yaml
@ -7,7 +7,7 @@ RUN borgmatic --help > /command-line.txt \
echo -e "\n--------------------------------------------------------------------------------\n" >> /command-line.txt \ echo -e "\n--------------------------------------------------------------------------------\n" >> /command-line.txt \
&& borgmatic "$action" --help >> /command-line.txt; done && borgmatic "$action" --help >> /command-line.txt; done
FROM node:12.10.0-alpine as html FROM node:13.7.0-alpine as html
ARG ENVIRONMENT=production ARG ENVIRONMENT=production

19
docs/SECURITY.md Normal file
View file

@ -0,0 +1,19 @@
---
title: Security policy
permalink: security-policy/index.html
---
## Supported versions
While we want to hear about security vulnerabilities in all versions of
borgmatic, security fixes will only be made to the most recently released
version. It's not practical for our small volunteer effort to maintain
multiple different release branches and put out separate security patches for
each.
## Reporting a vulnerability
If you find a security vulnerability, please [file a
ticket](https://torsion.org/borgmatic/#issues) or [send email
directly](mailto:witten@torsion.org) as appropriate. You should expect to hear
back within a few days at most, and generally sooner.

4
docs/how-to/backup-to-a-removable-drive-or-an-intermittent-server.md
View file

@ -10,7 +10,7 @@ buddy's sometimes-online server for that extra level of redundancy.
But if you run borgmatic and your hard drive isn't plugged in, or your buddy's But if you run borgmatic and your hard drive isn't plugged in, or your buddy's
server is offline, then you'll get an annoying error message and the overall server is offline, then you'll get an annoying error message and the overall
borgmatic run will fail (even if individual repositories complete just fine). borgmatic run will fail (even if individual repositories still complete).
So what if you want borgmatic to swallow the error of a missing drive So what if you want borgmatic to swallow the error of a missing drive
or an offline server, and continue trucking along? That's where the concept of or an offline server, and continue trucking along? That's where the concept of
@ -96,7 +96,7 @@ There are some caveats you should be aware of with this feature.
a test to make sure that individual source directories are mounted and a test to make sure that individual source directories are mounted and
available. Use your imagination! available. Use your imagination!
* The soft failure feature also works for `before_prune`, `after_prune`, * The soft failure feature also works for `before_prune`, `after_prune`,
`before_check`, and `after_check` hooks. However it is not implemented for `before_check`, and `after_check` hooks. But it is not implemented for
`before_everything` or `after_everything`. `before_everything` or `after_everything`.
## Related documentation ## Related documentation