Hi, AFAIK it is still a draft which can not go anywhere (or go elsewhere like .security/ for some exposure reason since .well-known already has adoption and rules) and I didn't see it much adopted yet. However at apache we have kind of standards for that so isn't it too early to adopt it?
Romain Manni-Bucau @rmannibucau <https://twitter.com/rmannibucau> | Blog <https://rmannibucau.metawerx.net/> | Old Blog <http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> | LinkedIn <https://www.linkedin.com/in/rmannibucau> | Book <https://www.packtpub.com/application-development/java-ee-8-high-performance> Le dim. 20 nov. 2022 à 18:48, Benjamin Marwell <[email protected]> a écrit : > Hi! > > Due to the recent GH activities (eg [1]), it came to my attention that > there is no file ".well-known/security.txt" on maven.apache.org. > > We really should adopt it! > For some more information, please refer to [2]. > > WDYT? > > - Ben > > [1]: https://github.com/apache/maven-project-utils/pull/5 > [2]: https://developer.okta.com/blog/2021/10/19/intro-security-txt > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
