From ce7214c68e34014d4a5bd21c601dd83218f24c0f Mon Sep 17 00:00:00 2001 From: Timea Turdean <4144203+timea-solid@users.noreply.github.com> Date: Thu, 13 Apr 2023 21:38:58 +0200 Subject: [PATCH 1/6] 1st version of a security policy --- SECURITY.md | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..6b7fa3be --- /dev/null +++ b/SECURITY.md 
@@ -0,0 +1,47 @@ +# Security policy + +SolidOS is taking the security of our repositories seriously. This includes all source code repositories managed through our [GitHub organization](https://github.com/solidos). This being said, each member's contribution is on a volunteer basis and the skills we have at hand fluctuate with each member. + +If you believe you have found a security vulnerability in any SolidOS repository, please report it to us as described below. + +## About this repository + +These repositories contribute to the frontend you see on each solidcommunity.net Pod. The repositories have different purposes and offer with different features. + +- [**solid-logic**](https://github.com/solidos/solid-logic) — core business logic of SolidOS +- [**mashlib**](https://github.com/solidos/mashlib/) — a solid-compatible code library of application-level functionality for the world of Solid +- [**solid-panes**](https://github.com/solidos/solid-panes) — a set of core solid-compatible panes based on solid-ui +- [**solid-ui**](https://github.com/solidos/solid-ui) — User Interface widgets and utilities for Solid. Building blocks for solid-based apps + +## Reporting a vulnerability + +Please report any security vulnerabilities through the public GitHub issues of each repository you find the vulnerability in. In case of vulnerabilities which span multiple repos, please report them on [the SolidOS repo](https://github.com/SolidOS/solidos/issues/new) itself. + +Please mention in your vulnerability issue the following: + +### Impact +_What kind of vulnerability is it? Who is impacted?_ + +### Patches +_Has the problem been patched? 
What versions should users upgrade to?_ + +### Workarounds +_Is there a way for users to fix or remediate the vulnerability without upgrading?_ + +### References +_Are there any links users can visit to find out more?_ + +### Proposed solution +_Any suggested fix in the form of text or a PR are more than welcome_ + +As a volunteer based organization we appreciate any PR which also helps fix any vulnerability. + +## Preferred Languages + +We prefer all communications to be in English. + +## Hall of Fame + +Thank you to the following people for reporting vulnerabilities. + + * Otto-AA From 6f48e7bafe29a5270524a9f770adcf48e672fe61 Mon Sep 17 00:00:00 2001 From: Timea <4144203+timea-solid@users.noreply.github.com> Date: Fri, 14 Apr 2023 09:12:12 +0200 Subject: [PATCH 2/6] Update SECURITY.md Co-authored-by: Ted Thibodeau Jr --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 6b7fa3be..decbbce6 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -34,7 +34,7 @@ _Are there any links users can visit to find out more?_ ### Proposed solution _Any suggested fix in the form of text or a PR are more than welcome_ -As a volunteer based organization we appreciate any PR which also helps fix any vulnerability. +As a volunteer-based organization, we especially appreciate any PR which helps fix any vulnerability. ## Preferred Languages From 565e9e3bbc51cab9de0bb25e6f5296707b7f5eb7 Mon Sep 17 00:00:00 2001 From: Timea <4144203+timea-solid@users.noreply.github.com> Date: Fri, 14 Apr 2023 09:12:20 +0200 Subject: [PATCH 3/6] Update SECURITY.md Co-authored-by: Ted Thibodeau Jr --- SECURITY.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index decbbce6..05656b78 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -17,22 +17,22 @@ These repositories contribute to the frontend you see on each solidcommunity.net Please report any security vulnerabilities through the public GitHub issues of each repository you find the vulnerability in. In case of vulnerabilities which span multiple repos, please report them on [the SolidOS repo](https://github.com/SolidOS/solidos/issues/new) itself. -Please mention in your vulnerability issue the following: +Please include the following in your vulnerability report: -### Impact +* **Impact** _What kind of vulnerability is it? Who is impacted?_ -### Patches +* **Patches** _Has the problem been patched? What versions should users upgrade to?_ -### Workarounds +* **Workarounds** _Is there a way for users to fix or remediate the vulnerability without upgrading?_ -### References +* **References** _Are there any links users can visit to find out more?_ -### Proposed solution -_Any suggested fix in the form of text or a PR are more than welcome_ +* **Proposed solution** +_Any suggested fix in the form of text or a PR is more than welcome_ As a volunteer-based organization, we especially appreciate any PR which helps fix any vulnerability. From c128e050dd3aa7fbb4bc7a493ad663d59dc519f2 Mon Sep 17 00:00:00 2001 From: Timea <4144203+timea-solid@users.noreply.github.com> Date: Fri, 14 Apr 2023 09:12:29 +0200 Subject: [PATCH 4/6] Update SECURITY.md Co-authored-by: Ted Thibodeau Jr --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 05656b78..142c7ab9 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -1,6 +1,6 @@ # Security policy -SolidOS is taking the security of our repositories seriously. This includes all source code repositories managed through our [GitHub organization](https://github.com/solidos). This being said, each member's contribution is on a volunteer basis and the skills we have at hand fluctuate with each member. +SolidOS takes the security of our repositories seriously. This includes all source code repositories managed through our [GitHub organization](https://github.com/solidos). That said, members contribute on a volunteer basis, and the skills we have at hand fluctuate with each member. If you believe you have found a security vulnerability in any SolidOS repository, please report it to us as described below. From ebbd1fe53da180f724535897e15df537c37ff7d5 Mon Sep 17 00:00:00 2001 From: Timea <4144203+timea-solid@users.noreply.github.com> Date: Fri, 14 Apr 2023 09:12:38 +0200 Subject: [PATCH 5/6] Update SECURITY.md Co-authored-by: Ted Thibodeau Jr --- SECURITY.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 142c7ab9..8b7756f5 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -6,12 +6,12 @@ If you believe you have found a security vulnerability in any SolidOS repository ## About this repository -These repositories contribute to the frontend you see on each solidcommunity.net Pod. The repositories have different purposes and offer with different features. +These repositories contribute to the frontend you see on each solidcommunity.net Pod. The repositories have different purposes and offer different features. - [**solid-logic**](https://github.com/solidos/solid-logic) — core business logic of SolidOS -- [**mashlib**](https://github.com/solidos/mashlib/) — a solid-compatible code library of application-level functionality for the world of Solid -- [**solid-panes**](https://github.com/solidos/solid-panes) — a set of core solid-compatible panes based on solid-ui -- [**solid-ui**](https://github.com/solidos/solid-ui) — User Interface widgets and utilities for Solid. Building blocks for solid-based apps +- [**mashlib**](https://github.com/solidos/mashlib/) — a Solid-compatible code library of application-level functionality for the world of Solid +- [**solid-panes**](https://github.com/solidos/solid-panes) — a set of core Solid-compatible panes based on [solid-ui](https://github.com/solidos/solid-ui) +- [**solid-ui**](https://github.com/solidos/solid-ui) — User Interface widgets and utilities for Solid providing building blocks for Solid-based apps ## Reporting a vulnerability From 5a223fde041a0e0c64b7175f2258c539ac764804 Mon Sep 17 00:00:00 2001 From: Timea <4144203+timea-solid@users.noreply.github.com> Date: Fri, 14 Apr 2023 09:12:44 +0200 Subject: [PATCH 6/6] Update SECURITY.md Co-authored-by: Ted Thibodeau Jr --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 8b7756f5..732bb449 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -15,7 +15,7 @@ These repositories contribute to the frontend you see on each solidcommunity.net ## Reporting a vulnerability -Please report any security vulnerabilities through the public GitHub issues of each repository you find the vulnerability in. In case of vulnerabilities which span multiple repos, please report them on [the SolidOS repo](https://github.com/SolidOS/solidos/issues/new) itself. +Please report any security vulnerabilities through the public GitHub issues of the repository where you find the vulnerability. If a vulnerability spans multiple repos, please report it on [the SolidOS repo](https://github.com/SolidOS/solidos/issues/new) itself. Please include the following in your vulnerability report:
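Review bot: In the first patch's hunk, the "Reporting a vulnerability" section directs reporters to open a public GitHub issue in the affected repository, which publishes the details before a fix exists and before operators of solidcommunity.net Pods can update; consider offering a private channel first (GitHub's private vulnerability reporting on the repository, or a contact address) and reserving the public issue for after a fix ships, or at minimum state explicitly that reports are public from the moment they are filed so reporters can decide what to include. In the same hunk, the "Patches" prompt asks the reporter "Has the problem been patched? What versions should users upgrade to?", which only the maintainers can answer at report time; either label those as fields the maintainers fill in during triage, or ask the reporter instead for the versions or commits they tested against. Given the volunteer caveat in the opening paragraph, a short sentence on who triages reports and roughly when a reporter can expect a first response would also help.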
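Review bot: In the hunk of PATCH 3/6 that turns the `### Impact` style headings into `* **Impact**` bullets, each italic prompt line (`_What kind of vulnerability is it? Who is impacted?_`) is left unindented under its bullet; CommonMark treats it as a lazy continuation so it renders inside the item, but indenting the prompt by two spaces, or placing it on the bullet line after a colon, makes the list structure explicit and avoids the prompt being rendered as a separate paragraph by stricter renderers.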