Add security policy, such as it is.
parent
79f3b84ca2
commit
1ddde0910c
6 changed files with 49 additions and 5 deletions
1
NEWS
|
@ -2,6 +2,7 @@
|
||||||
* #289: Tired of looking up the latest successful archive name in order to pass it to borgmatic
|
* #289: Tired of looking up the latest successful archive name in order to pass it to borgmatic
|
||||||
actions? Me too. Now you can specify "--archive latest" to all actions that accept an archive
|
actions? Me too. Now you can specify "--archive latest" to all actions that accept an archive
|
||||||
flag.
|
flag.
|
||||||
|
* Add security policy documentation in SECURITY.md.
|
||||||
|
|
||||||
1.5.0
|
1.5.0
|
||||||
* #245: Monitor backups with PagerDuty hook integration. See the documentation for more
|
* #245: Monitor backups with PagerDuty hook integration. See the documentation for more
|
||||||
|
|
|
@ -119,7 +119,12 @@ If you'd like to chat with borgmatic developers or users, head on over to the
|
||||||
href="https://webchat.freenode.net/?channels=borgmatic">web chat</a> or a
|
href="https://webchat.freenode.net/?channels=borgmatic">web chat</a> or a
|
||||||
native <a href="irc://chat.freenode.net:6697">IRC client</a>.
|
native <a href="irc://chat.freenode.net:6697">IRC client</a>.
|
||||||
|
|
||||||
Other questions or comments? Contact <mailto:witten@torsion.org>.
|
Also see the [security
|
||||||
|
policy](https://torsion.org/borgmatic/docs/security-policy/) for any security
|
||||||
|
issues.
|
||||||
|
|
||||||
|
Other questions or comments? Contact
|
||||||
|
[witten@torsion.org](mailto:witten@torsion.org).
|
||||||
|
|
||||||
|
|
||||||
### Contributing
|
### Contributing
|
||||||
|
|
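Review bot: The security-policy link added in this hunk points at https://torsion.org/borgmatic/docs/security-policy/, while the front matter added elsewhere in this commit sets `permalink: security-policy/index.html`. Please confirm the docs site is published under /borgmatic/docs/ so the two agree, because this link is the first thing a vulnerability reporter will follow.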
19
SECURITY.md
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
title: Security policy
|
||||||
|
permalink: security-policy/index.html
|
||||||
|
---
|
||||||
|
|
||||||
|
## Supported versions
|
||||||
|
|
||||||
|
While we want to hear about security vulnerabilities in all versions of
|
||||||
|
borgmatic, security fixes will only be made to the most recently released
|
||||||
|
version. It's not practical for our small volunteer effort to maintain
|
||||||
|
multiple different release branches and put out separate security patches for
|
||||||
|
each.
|
||||||
|
|
||||||
|
## Reporting a vulnerability
|
||||||
|
|
||||||
|
If you find a security vulnerability, please [file a
|
||||||
|
ticket](https://torsion.org/borgmatic/#issues) or [send email
|
||||||
|
directly](mailto:witten@torsion.org) as appropriate. You should expect to hear
|
||||||
|
back within a few days at most, and generally sooner.
|
|
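Review bot: The "Reporting a vulnerability" paragraph offers "file a ticket" and "send email directly" as equal options under "as appropriate", without saying which to use when. If the tracker is publicly readable, a reporter who follows the first link discloses the details before a fix exists. Suggest stating that undisclosed vulnerabilities go to the email address and that the tracker is for issues that are already public, and listing a key fingerprint if encrypted mail is accepted. The "Supported versions" section could also say where fixed releases are announced.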
@ -1,4 +1,4 @@
|
||||||
FROM python:3.7.4-alpine3.10 as borgmatic
|
FROM python:3.8.1-alpine3.11 as borgmatic
|
||||||
|
|
||||||
COPY . /app
|
COPY . /app
|
||||||
RUN pip install --no-cache /app && generate-borgmatic-config && chmod +r /etc/borgmatic/config.yaml
|
RUN pip install --no-cache /app && generate-borgmatic-config && chmod +r /etc/borgmatic/config.yaml
|
||||||
|
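Review bot: The base image change on the first line of this hunk, from `python:3.7.4-alpine3.10` to `python:3.8.1-alpine3.11`, is not covered by the commit message or the NEWS entry, which mention only the security policy. Consider moving it to its own commit so it can be reverted independently if the new image breaks the build. Because a tag is resolved at build time, pinning by digest (python:3.8.1-alpine3.11@sha256:<digest>) would make the build reproducible.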
@ -7,7 +7,7 @@ RUN borgmatic --help > /command-line.txt \
|
||||||
echo -e "\n--------------------------------------------------------------------------------\n" >> /command-line.txt \
|
echo -e "\n--------------------------------------------------------------------------------\n" >> /command-line.txt \
|
||||||
&& borgmatic "$action" --help >> /command-line.txt; done
|
&& borgmatic "$action" --help >> /command-line.txt; done
|
||||||
|
|
||||||
FROM node:12.10.0-alpine as html
|
FROM node:13.7.0-alpine as html
|
||||||
|
|
||||||
ARG ENVIRONMENT=production
|
ARG ENVIRONMENT=production
|
||||||
|
|
||||||
|
|
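Review bot: `FROM node:13.7.0-alpine` moves the html stage from Node 12, an LTS line, to Node 13, an odd-numbered release line that does not receive long-term support. For an image that is rebuilt over time, staying on an LTS line keeps security updates available for longer; if 13 is required, the commit message should say why.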
19
docs/SECURITY.md
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
title: Security policy
|
||||||
|
permalink: security-policy/index.html
|
||||||
|
---
|
||||||
|
|
||||||
|
## Supported versions
|
||||||
|
|
||||||
|
While we want to hear about security vulnerabilities in all versions of
|
||||||
|
borgmatic, security fixes will only be made to the most recently released
|
||||||
|
version. It's not practical for our small volunteer effort to maintain
|
||||||
|
multiple different release branches and put out separate security patches for
|
||||||
|
each.
|
||||||
|
|
||||||
|
## Reporting a vulnerability
|
||||||
|
|
||||||
|
If you find a security vulnerability, please [file a
|
||||||
|
ticket](https://torsion.org/borgmatic/#issues) or [send email
|
||||||
|
directly](mailto:witten@torsion.org) as appropriate. You should expect to hear
|
||||||
|
back within a few days at most, and generally sooner.
|
|
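Review bot: This file is a line-for-line copy of the top-level SECURITY.md added in the same commit, including the front matter with `permalink: security-policy/index.html`. Two hand-maintained copies of a security policy will drift, and a reporter may end up reading the stale one. Suggest keeping a single source and making the other a symlink or a build-time copy, and checking that only one of them is picked up by the site generator so the permalink is not claimed twice.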
@ -10,7 +10,7 @@ buddy's sometimes-online server for that extra level of redundancy.
|
||||||
|
|
||||||
But if you run borgmatic and your hard drive isn't plugged in, or your buddy's
|
But if you run borgmatic and your hard drive isn't plugged in, or your buddy's
|
||||||
server is offline, then you'll get an annoying error message and the overall
|
server is offline, then you'll get an annoying error message and the overall
|
||||||
borgmatic run will fail (even if individual repositories complete just fine).
|
borgmatic run will fail (even if individual repositories still complete).
|
||||||
|
|
||||||
So what if you want borgmatic to swallow the error of a missing drive
|
So what if you want borgmatic to swallow the error of a missing drive
|
||||||
or an offline server, and continue trucking along? That's where the concept of
|
or an offline server, and continue trucking along? That's where the concept of
|
||||||
|
@ -96,7 +96,7 @@ There are some caveats you should be aware of with this feature.
|
||||||
a test to make sure that individual source directories are mounted and
|
a test to make sure that individual source directories are mounted and
|
||||||
available. Use your imagination!
|
available. Use your imagination!
|
||||||
* The soft failure feature also works for `before_prune`, `after_prune`,
|
* The soft failure feature also works for `before_prune`, `after_prune`,
|
||||||
`before_check`, and `after_check` hooks. However it is not implemented for
|
`before_check`, and `after_check` hooks. But it is not implemented for
|
||||||
`before_everything` or `after_everything`.
|
`before_everything` or `after_everything`.
|
||||||
|
|
||||||
## Related documentation
|
## Related documentation
|
||||||
|
|