[Improvement] Add AGENTS.md + SECURITY.md to make the security model discoverable#18310
Merged
SbloodyS merged 1 commit intoJun 2, 2026
Merged
Conversation
Generated-by: Claude Code
|
SbloodyS
changed the title
potiuk
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is a proposal for the DolphinScheduler PMC to review — please
correct, reject, or discuss as needed. The maintainer is the
decision-maker; nothing here is a requirement.
This adds the conventional
AGENTS.md → SECURITY.mddiscoverabilitychain so an automated security scanner can mechanically locate the
project's existing security model. It does not add or change any
model content — your security model at
docs/docs/en/contribute/join/security-model.mdis untouched; this justmakes it reachable via the standard chain.
SECURITY.md(new) — routes vulnerability reports to the ASF securityprocess and points at the existing security model.
AGENTS.md(new) — a Security section routing agents alongAGENTS.md → SECURITY.md →your security model.Context: the ASF Security team is preparing the project for an automated
agentic security scan being piloted by the team. Such scans refuse to run
unless the model is discoverable by that conventional path —
discoverability is the one hard gate. No project source is touched.
Questions / pushback welcome — happy to adjust file placement or wording
to match the project's house style.