From 55a542485a6dcaaf457ffd8a74443e0f1b7efeed Mon Sep 17 00:00:00 2001 From: Enno Gelhaus Date: Sun, 19 Apr 2026 22:58:05 +0200 Subject: [PATCH] feat: security additions --- SECURITY.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 0a1819b5..758ab66b 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,12 +6,13 @@ The Postiz app is committed to ensuring the security and integrity of our users' ## Scope -We, at Postiz, cover the following scopes for vulnerability disclosures: +We, at Postiz (gitroomhq), cover the following scopes for vulnerability disclosures: - The core repository for `postiz-app` (github.com/gitroomhq/postiz-app) -- All `gitroomhq` repositories related to Postiz (Containing `postiz` in the name / description / README.md) -- Official Postiz CLI tools and NPM packages -- Plugins maintained within the `gitroomhq` organization. +- All `gitroomhq` repositories that are official components, tooling, or integrations of Postiz +- Docker images of Positz on GHCR. (published under gitroomhq) +- Official Postiz CLI tools and NPM packages (NPM org: @postiz) +- Plugins for Postiz maintained within the `gitroomhq` organization. Vulnerabilities in third-party dependencies or user-hosted infrastructure are outside of this scope.