From ea67e349cc108c81dff0ff6fa6453d32b560d5bf Mon Sep 17 00:00:00 2001 From: Jakob Ankarhem Date: Fri, 24 Apr 2026 16:24:27 +0200 Subject: [PATCH 1/2] chore(release): add SHA256 checksums and security docs --- .github/CODEOWNERS | 1 + .github/SECURITY.md | 39 +++++++++++++++++++++++++++++++++++ .github/workflows/release.yml | 11 ++++++++++ 3 files changed, 51 insertions(+) create mode 100644 .github/CODEOWNERS create mode 100644 .github/SECURITY.md diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..d6a5a11 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +* @NorceTech/dev diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 0000000..3f2c91b --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,39 @@ +# Security Policy + +## Reporting a Vulnerability + +If you discover a security vulnerability in graylog-cli, please report it +privately through **GitHub Security Advisories**: + +1. Navigate to [github.com/NorceTech/graylog-cli/security/advisories](https://github.com/NorceTech/graylog-cli/security/advisories). +2. Click **"Report a vulnerability"**. +3. Fill in the details of the vulnerability. + +**Do not** report security vulnerabilities through public GitHub issues, +discussions, or any other public channel. + +## Response Timeline + +| Stage | Target | +| ------------------ | ---------------- | +| Acknowledge report | Within 48 hours | +| Provide a fix | Within 30 days | + +We will keep you informed of progress throughout the process. + +## Supported Versions + +Only the **latest release** is supported with security updates. Please +ensure you are running the most recent version before reporting. + +You can check your current version with: + +```sh +graylog-cli --version +``` + +And update to the latest release with: + +```sh +graylog-cli upgrade +``` diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 116e571..7c2d374 100644 --- a/.github/workflows/release.yml 
+++ b/.github/workflows/release.yml @@ -105,6 +105,16 @@ jobs: with: path: dist + - name: Generate SHA256 checksums + run: | + cd dist + sha256sum \ + graylog-cli-linux-x86_64/graylog-cli-linux-x86_64 \ + graylog-cli-macos-aarch64/graylog-cli-macos-aarch64 \ + graylog-cli-windows-x86_64.exe/graylog-cli-windows-x86_64.exe \ + > checksums-sha256.txt + cat checksums-sha256.txt + - name: Create GitHub Release uses: softprops/action-gh-release@v2 with: @@ -113,3 +123,4 @@ jobs: dist/graylog-cli-linux-x86_64/graylog-cli-linux-x86_64 dist/graylog-cli-macos-aarch64/graylog-cli-macos-aarch64 dist/graylog-cli-windows-x86_64.exe/graylog-cli-windows-x86_64.exe + dist/checksums-sha256.txt From b2086d8a8fc4a269860708ab8bac2b290236767d Mon Sep 17 00:00:00 2001 From: Jakob Ankarhem Date: Fri, 24 Apr 2026 16:31:51 +0200 Subject: [PATCH 2/2] chore(release): use correct CODEOWNERS team --- .github/CODEOWNERS | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index d6a5a11..61e43f0 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1,5 @@ -* @NorceTech/dev +# These owners will be the default owners for everything in the repo. +# Unless a later match takes precedence, they will be requested for review when someone opens a pull request. +# + +* @NorceTech/order-squad
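Review bot: In the new .github/SECURITY.md (PATCH 1/2), the "Supported Versions" section stops at `graylog-cli upgrade` and never mentions the `checksums-sha256.txt` file that this same patch starts attaching to releases, so users have no documented way to verify a downloaded binary. Add a short verification section that names the file and the command to run against it, and say whether `graylog-cli upgrade` checks the digest itself. Separately, step 2 of "Reporting a Vulnerability" relies on the "Report a vulnerability" button, which is shown only when private vulnerability reporting is enabled for the repository; confirm that setting before merging.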
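Review bot: In the "Generate SHA256 checksums" step (release.yml hunk at -105,6 +105,16), `sha256sum` is given paths such as `graylog-cli-linux-x86_64/graylog-cli-linux-x86_64`, so every line of `checksums-sha256.txt` records the artifact subdirectory, while the release step below publishes the binaries as flat assets. A user who downloads a binary and the checksum file into one directory and runs `sha256sum -c checksums-sha256.txt` will get "No such file or directory" for every entry. Hash each file by its base name instead, for example by running `sha256sum` from inside each artifact directory and appending to `../checksums-sha256.txt`, so the recorded names match the published asset names.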
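Review bot: In the "Create GitHub Release" step (release.yml hunk at -113,3 +123,4), `dist/checksums-sha256.txt` is uploaded in the same `files:` list, by the same job, as the binaries it describes, so it detects a corrupted or truncated download but not a replaced asset: anyone able to swap a binary on the release can swap the checksum file too. If the commit is meant as a supply-chain control, as the subject line "add SHA256 checksums and security docs" suggests, sign the checksum file or publish build provenance for the artifacts, and document in SECURITY.md which guarantee the checksums actually give.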
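Review bot: PATCH 2/2 only replaces `* @NorceTech/dev`, which PATCH 1/2 of this same series introduced, with `* @NorceTech/order-squad`; squash it into 1/2 so the history never contains a CODEOWNERS file pointing at the wrong team. In the added header, the bare `#` line followed by a blank line is leftover template text and can be dropped. Note also that the comment says owners "will be requested for review": that happens only if the team has write access to the repository, and it blocks merges only when branch protection requires code owner review, which matters here because `*` also covers `.github/workflows/release.yml`.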