docs: add security page (#4922)

This commit is contained in:
Alessandro Ros 2025-08-31 16:57:27 +02:00 committed by GitHub
parent 3ed918bfca
commit 55ff69067e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 25 additions and 4 deletions


@ -62,8 +62,8 @@ jobs:
+ `\n` + `\n`
+ `## Security\n` + `## Security\n`
+ `\n` + `\n`
+ `Binaries have been produced by the [Release workflow](https://github.com/${owner}/${repo}/actions/workflows/release.yml)` + `Binaries are compiled from source through the [Release workflow](https://github.com/${owner}/${repo}/actions/workflows/release.yml) without human intervention,`
+ ` without human intervention.\n` + ` preventing any external interference.`
+ `\n` + `\n`
+ 'You can verify that binaries have been produced by the workflow by using [GitHub Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds):\n' + 'You can verify that binaries have been produced by the workflow by using [GitHub Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds):\n'
+ `\n` + `\n`
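Review bot: the reworded release-notes string ("compiled from source ... without human intervention, preventing any external interference") claims more than the attestation in the next sentence can back up. An artifact attestation proves that a given binary was produced by this workflow run from a given commit; it does not by itself rule out tampering with the workflow definition, the toolchain, or the build dependencies before the run. Suggest keeping the factual part and dropping the absolute, e.g. `Binaries are compiled from source by the [Release workflow](...) without human intervention.` followed by the existing attestation sentence, so the generated notes say exactly what a verifier can check.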


@ -1,3 +1,3 @@
# Security Policy # Security
Vulnerabilities can be reported privately by using the [Security Advisory](https://github.com/bluenviron/mediamtx/security/advisories/new) feature of GitHub. Check the [Security page](https://mediamtx.org/docs/other/security) on the website.

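Review bot: replacing the SECURITY.md body with only a pointer to the website removes the private reporting link from the one place GitHub surfaces to reporters (the repository Security tab and the "Report a vulnerability" flow), and makes disclosure depend on mediamtx.org being reachable. Suggest keeping the single advisory line alongside the pointer, e.g. `Vulnerabilities can be reported privately through the [Security Advisory](https://github.com/bluenviron/mediamtx/security/advisories/new) feature of GitHub. See the [Security page](https://mediamtx.org/docs/other/security) for details on verifying releases.`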

@ -0,0 +1,21 @@
# Security
## Reporting vulnerabilities
Vulnerabilities can be reported privately by using the [Security Advisory](https://github.com/bluenviron/mediamtx/security/advisories/new) feature of GitHub.
## Binaries
Binaries are compiled from source through the [Release workflow](https://github.com/bluenviron/mediamtx/actions/workflows/release.yml) without human intervention, preventing any external interference.
You can verify that binaries have been produced by the workflow by using [GitHub Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds):
```sh
ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx
```
You can verify the binaries checksum by downloading `checksums.sha256` and running:
```sh
cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check
```
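Review bot: the checksum command in the last block builds an unanchored regular expression from `ls` output and feeds only the matching lines to `sha256sum`, which is fragile (a filename containing regex metacharacters, or a name that is a prefix of another, will match the wrong lines). The coreutils idiom is `sha256sum --check --ignore-missing checksums.sha256`, which verifies every listed file that is present in the directory and fails if none are found. Separately, the page should state what each step proves: the checksum only confirms that the download is intact relative to `checksums.sha256`, which comes from the same release page, so it is the `gh attestation verify` step above that establishes provenance; readers who run only the checksum command gain integrity, not authenticity. A short sentence to that effect after the checksum block would make the two commands' roles clear.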