Check and fix adding file SECURITY.md


This file is required to instruct customers reporting security issues in a safe and secure, yet unified way.

References
* Implementation in [project-keeper](https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/java/com/exasol/projectkeeper/ProjectKeeper.java#L110)
* File [SECURITY.md](https://github.com/exasol/python-toolbox/blob/main/SECURITY.md) in the PTB itself, added in [PTB PR #62](https://github.com/exasol/error-reporting-python/pull/62)

Proposal
* Add the file to the cookie cutter templates
* Enhance PTB's nox session [format:check]( https://github.com/exasol/python-toolbox/blob/main/exasol/toolbox/nox/_format.py#L56) to check if the file exists 
* Enhance PTB's nox session `format:fix` to add the file if it doesn't exist

Alternatively, we could think about a more global and general sessions, e.g. `project:check` and `project:fix`.

Future enhancements (potentially in separate tickets)
* Enable projects to configure PTB to ignore if this file is missing. 
* A generalized way to ignore specific PTB checks or fixes could be based on unique error codes and prefixes, see 
  *  [error-reporting-python](https://github.com/exasol/error-reporting-python)
  * [project-keeper](https://github.com/exasol/project-keeper/blob/main/doc/user_guide/user_guide.md#excluding-findings)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Check and fix adding file SECURITY.md #659

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Check and fix adding file SECURITY.md #659

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions