SECURITY.md - continuous-integration - Git at Google

 # Security Policy

 ## Reporting a Vulnerability

 To report a security issue, please email security@bazel.build with a description
 of the issue, the steps you took to create the issue, affected versions, and, if
 known, mitigations for the issue. Our vulnerability management team will respond
 within 3 working days of your email. If the issue is confirmed as a
 vulnerability, we will open a Security Advisory. This project follows a 90 day
 disclosure timeline.
	# Security Policy

	## Reporting a Vulnerability

	To report a security issue, please email security@bazel.build with a description
	of the issue, the steps you took to create the issue, affected versions, and, if
	known, mitigations for the issue. Our vulnerability management team will respond
	within 3 working days of your email. If the issue is confirmed as a
	vulnerability, we will open a Security Advisory. This project follows a 90 day
	disclosure timeline.