This document outlines security procedures and general policies for the DORA
project.
The DORA project is intended to be public facing. It is being used in a openly-visible-metrics capacity and will play a small part in the Rolls-Royce Digital Transformation efforts. If you have any questions, please contact the lead maintainer at Josh.Haines@Rolls-Royce.com.
The Rolls-Royce Software Factory team and community take all security bugs in DORA seriously.
Thank you for improving the security of DORA. We appreciate your efforts and
responsible disclosure and will make every effort to acknowledge your
contributions.
Report security bugs by emailing the lead maintainer at Josh.Haines@Rolls-Royce.com.
The lead maintainer will acknowledge your email within 48 hours and may ask for additional information or guidance.
Report security bugs in third-party modules to the person or team maintaining the module.