├── SECURITY.md
└── README.md


/SECURITY.md:
--------------------------------------------------------------------------------
 1 | # Security Policy
 2 | 
 3 | ## Reporting a Vulnerability
 4 | 
 5 | Security concerns that impact repos under the
 6 | [`graphql` GitHub org](https://github.com/graphql/) (including reference
 7 | implementations and official tools) may be responsibly disclosed to the TSC via
 8 | [any current TSC member](https://github.com/graphql/graphql-wg/blob/main/GraphQL-TSC.md#tsc-members-1),
 9 | with the expectation that they will be discussed and triaged by the TSC as a
10 | whole. You may reach a subset of current TSC members via
11 | [security@graphql.org](mailto:security@graphql.org).
12 | 
13 | Our goal is to provide complete, accurate, and actionable disclosures once a
14 | reported issue has been sufficiently understood and there has been a reasonable
15 | opportunity to deploy fixes responsibly. See
16 | [the TSC security policy](https://github.com/graphql/graphql-wg/blob/main/GraphQL-TSC.md#security-policy).
17 | 
18 | Please note that TSC members are voluntary, geographically distributed, and tend
19 | to have a lot of demands on their time - please be patient with us.
20 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # .github
 2 | 
 3 | Default community health files for GraphQL Foundation
 4 | 
 5 | # Contributing to this repo
 6 | 
 7 | This repository is managed by EasyCLA. Project participants must sign the free ([GraphQL Specification Membership agreement](https://preview-spec-membership.graphql.org) before making a contribution. You only need to do this one time, and it can be signed by [individual contributors](http://individual-spec-membership.graphql.org/) or their [employers](http://corporate-spec-membership.graphql.org/).
 8 | 
 9 | To initiate the signature process please open a PR against this repo. The EasyCLA bot will block the merge if we still need a membership agreement from you.
10 | 
11 | You can find [detailed information here](https://github.com/graphql/graphql-wg/tree/main/membership). If you have issues, please email [operations@graphql.org](mailto:operations@graphql.org).
12 | 
13 | If your company benefits from GraphQL and you would like to provide essential financial support for the systems and people that power our community, please also consider membership in the [GraphQL Foundation](https://foundation.graphql.org/join). 
14 | 


--------------------------------------------------------------------------------