chore: import upstream snapshot with attribution

This commit is contained in:
wehub-resource-sync
2026-07-13 12:26:02 +08:00
commit a0a48b5e45
437 changed files with 100767 additions and 0 deletions
+21
View File
@@ -0,0 +1,21 @@
# Security Policy
## Reporting a Vulnerability
Please report security vulnerabilities via [GitHub's private vulnerability reporting](https://github.com/getagentseal/codeburn/security/advisories/new).
Do not open a public issue for security vulnerabilities.
## Scope
Security reports are welcome for:
- The CLI (`src/`)
- The menubar installer (`src/menubar-installer.ts`)
- The macOS menubar app (`mac/`)
- The desktop app (`desktop/`)
- CI/CD workflows (`.github/workflows/`)
## Release Integrity
Menubar release assets include a `.sha256` checksum file. The installer verifies the checksum before extracting and launching the downloaded bundle.