docs: add security page (#4922)

Alessandro Ros
2025-08-31 16:57:27 +02:00
committed by GitHub
parent 3ed918bfca
commit 55ff69067e
5 changed files with 25 additions and 4 deletions


@@ -62,8 +62,8 @@ jobs:
+ `\n`
+ `## Security\n`
+ `\n`
+ `Binaries have been produced by the [Release workflow](https://github.com/${owner}/${repo}/actions/workflows/release.yml)`
+ ` without human intervention.\n`
+ `Binaries are compiled from source through the [Release workflow](https://github.com/${owner}/${repo}/actions/workflows/release.yml) without human intervention,`
+ ` preventing any external interference.`
+ `\n`
+ 'You can verify that binaries have been produced by the workflow by using [GitHub Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds):\n'
+ `\n`
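Review bot: the replacement sentence (the "Binaries are compiled from source … preventing any external interference" lines) overstates what an unattended workflow run guarantees; a build without human intervention rules out manual tampering with the artifacts, not interference through a compromised dependency or action, so consider the narrower wording "without human intervention" on its own or "produced directly by the workflow". Also, the final added line is quoted with single quotes while every other line of the template uses backticks; it carries no `${owner}`/`${repo}` placeholders so it still works, but the mixed quoting is easy to trip over if a placeholder is added later.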


@@ -1,3 +1,3 @@
# Security Policy
# Security
Vulnerabilities can be reported privately by using the [Security Advisory](https://github.com/bluenviron/mediamtx/security/advisories/new) feature of GitHub.
Check the [Security page](https://mediamtx.org/docs/other/security) on the website.
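Review bot: SECURITY.md now drops the private-reporting instruction and only points to an external page, so the repository's security policy tab no longer tells a reporter how to file an advisory without leaving GitHub; keep the one-line "Vulnerabilities can be reported privately by using the Security Advisory feature" sentence here in addition to the link to the website page.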


@@ -0,0 +1,21 @@
# Security
## Reporting vulnerabilities
Vulnerabilities can be reported privately by using the [Security Advisory](https://github.com/bluenviron/mediamtx/security/advisories/new) feature of GitHub.
## Binaries
Binaries are compiled from source through the [Release workflow](https://github.com/bluenviron/mediamtx/actions/workflows/release.yml) without human intervention, preventing any external interference.
You can verify that binaries have been produced by the workflow by using [GitHub Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds):
```sh
ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx
```
You can verify the binaries checksum by downloading `checksums.sha256` and running:
```sh
cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check
```
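Review bot: the checksum command on the last line misbehaves when `ls mediamtx_*` matches nothing (an empty pattern makes `grep` pass every line, and `sha256sum --check` then fails on each archive that is not present) and it also fails on any of the other listed archives when more than one download is in the directory; `sha256sum --check --ignore-missing checksums.sha256` checks exactly the files present without the `ls`/`grep` pipeline. It would also help to state on this page that the checksum step only confirms the download is intact, since `checksums.sha256` ships with the same release, and that the `gh attestation verify` step above is the one that ties a binary to the Release workflow.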