
Add security policy, such as it is.

tags/1.5.1
Dan Helfman 8 months ago
parent
commit
1ddde0910c
6 changed files with 49 additions and 5 deletions
  1. +1
    -0
      NEWS
  2. +6
    -1
      README.md
  3. +19
    -0
      SECURITY.md
  4. +2
    -2
      docs/Dockerfile
  5. +19
    -0
      docs/SECURITY.md
  6. +2
    -2
      docs/how-to/backup-to-a-removable-drive-or-an-intermittent-server.md

+ 1
- 0
NEWS

@@ -2,6 +2,7 @@
* #289: Tired of looking up the latest successful archive name in order to pass it to borgmatic
actions? Me too. Now you can specify "--archive latest" to all actions that accept an archive
flag.
* Add security policy documentation in SECURITY.md.

1.5.0
* #245: Monitor backups with PagerDuty hook integration. See the documentation for more


+ 6
- 1
README.md

@@ -119,7 +119,12 @@ If you'd like to chat with borgmatic developers or users, head on over to the
href="https://webchat.freenode.net/?channels=borgmatic">web chat</a> or a
native <a href="irc://chat.freenode.net:6697">IRC client</a>.

Other questions or comments? Contact <mailto:witten@torsion.org>.
Also see the [security
policy](https://torsion.org/borgmatic/docs/security-policy/) for any security
issues.

Other questions or comments? Contact
[witten@torsion.org](mailto:witten@torsion.org).


### Contributing
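
Review bot: The new security policy link in this hunk points at https://torsion.org/borgmatic/docs/security-policy/, while the front matter added in SECURITY.md only declares `permalink: security-policy/index.html`. Nothing visible in this commit shows that the permalink is served under /docs/, so please confirm the URL resolves on the published site before release, since this sentence is the first place a reporter will look for the policy.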


+ 19
- 0
SECURITY.md

@@ -0,0 +1,19 @@
---
title: Security policy
permalink: security-policy/index.html
---

## Supported versions

While we want to hear about security vulnerabilities in all versions of
borgmatic, security fixes will only be made to the most recently released
version. It's not practical for our small volunteer effort to maintain
multiple different release branches and put out separate security patches for
each.

## Reporting a vulnerability

If you find a security vulnerability, please [file a
ticket](https://torsion.org/borgmatic/#issues) or [send email
directly](mailto:witten@torsion.org) as appropriate. You should expect to hear
back within a few days at most, and generally sooner.
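
Review bot: The "Reporting a vulnerability" paragraph presents the public issue tracker and private email as interchangeable, with only "as appropriate" to tell a reporter which to use, so exploitable details may end up in a public ticket before a fix is released. Suggest stating that anything sensitive or unpatched goes by email and that tickets are for issues that are already public. Since "Supported versions" says fixes land only in the most recent release, it would also help to say outright that users of older versions are expected to upgrade to receive a fix.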

+ 2
- 2
docs/Dockerfile

@@ -1,4 +1,4 @@
FROM python:3.7.4-alpine3.10 as borgmatic
FROM python:3.8.1-alpine3.11 as borgmatic

COPY . /app
RUN pip install --no-cache /app && generate-borgmatic-config && chmod +r /etc/borgmatic/config.yaml
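
Review bot: The base image bump on the first line of this hunk (python:3.7.4-alpine3.10 to python:3.8.1-alpine3.11) is unrelated to the commit subject "Add security policy" and would be easier to audit or revert as its own commit. While touching the line, consider pinning the image by digest in addition to the tag, because a tag can be re-pushed and the docs build would then pull different content without any change in this file.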
@@ -7,7 +7,7 @@ RUN borgmatic --help > /command-line.txt \
echo -e "\n--------------------------------------------------------------------------------\n" >> /command-line.txt \
&& borgmatic "$action" --help >> /command-line.txt; done

FROM node:12.10.0-alpine as html
FROM node:13.7.0-alpine as html

ARG ENVIRONMENT=production
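
Review bot: The `FROM node:13.7.0-alpine as html` line moves the docs build onto Node 13, an odd-numbered release line that does not receive long-term support, so security fixes for it stop sooner than for an LTS line. Unless the build needs something specific to 13, staying on an LTS image is the safer choice, and the same digest-pinning consideration applies to this tag-only reference.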



+ 19
- 0
docs/SECURITY.md

@@ -0,0 +1,19 @@
---
title: Security policy
permalink: security-policy/index.html
---

## Supported versions

While we want to hear about security vulnerabilities in all versions of
borgmatic, security fixes will only be made to the most recently released
version. It's not practical for our small volunteer effort to maintain
multiple different release branches and put out separate security patches for
each.

## Reporting a vulnerability

If you find a security vulnerability, please [file a
ticket](https://torsion.org/borgmatic/#issues) or [send email
directly](mailto:witten@torsion.org) as appropriate. You should expect to hear
back within a few days at most, and generally sooner.
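
Review bot: This file is a line-for-line copy of the top-level SECURITY.md added in the same commit, including the identical `permalink: security-policy/index.html` front matter. Two copies of a security policy will drift the first time only one of them is edited, and if both are ever picked up by the site generator they will claim the same permalink. Suggest keeping one source of truth and having the other location link to it or be generated from it at build time.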

+ 2
- 2
docs/how-to/backup-to-a-removable-drive-or-an-intermittent-server.md

@@ -10,7 +10,7 @@ buddy's sometimes-online server for that extra level of redundancy.

But if you run borgmatic and your hard drive isn't plugged in, or your buddy's
server is offline, then you'll get an annoying error message and the overall
borgmatic run will fail (even if individual repositories complete just fine).
borgmatic run will fail (even if individual repositories still complete).

So what if you want borgmatic to swallow the error of a missing drive
or an offline server, and continue trucking along? That's where the concept of
@@ -96,7 +96,7 @@ There are some caveats you should be aware of with this feature.
a test to make sure that individual source directories are mounted and
available. Use your imagination!
* The soft failure feature also works for `before_prune`, `after_prune`,
`before_check`, and `after_check` hooks. However it is not implemented for
`before_check`, and `after_check` hooks. But it is not implemented for
`before_everything` or `after_everything`.

## Related documentation

