Add extracted tools: CitrineOS, OpenOCPP, ShapeShifter

- CitrineOS core extracted (CSMS OCPP 2.0.1) - OpenOCPP extracted (firmware OCPP 1.6J/2.0.1) - ShapeShifter library installed (pip install -e) - ShapeShifter specification extracted - EVerest extracted TODO updated with progress
2026-06-08 00:38:27 -04:00
parent 468cfeaa50
commit d398a6ced2
7326 changed files with 1177561 additions and 7 deletions
--- a/tools/EVerest-main/docs/source/project/governance/security.rst
+++ b/tools/EVerest-main/docs/source/project/governance/security.rst
@@ -0,0 +1,26 @@
+.. _project-security-policy:
+
+###############
+Security Policy
+###############
+
+Supported Versions
+==================
+
+Since the beginning of 2026 we are releasing versions of EVerest with a cadence of six months.
+The specifics of this release process are outlined in the :ref:`Release Documentation <project-release-and-versioning>`.
+
+Reporting a Vulnerability
+=========================
+
+If you found a vulnerability, we are super keen and grateful to get the details. Please use this private mailing list to let us know:
+everest-security@lists.lfenergy.org
+
+Please DON'T use the publicly visible issue reporting functionality from GitHub!
+Alternatively you can use the "Report a vulnerability" feature on Github
+which should be enabled in all repositories.
+For example for EVerest you can find this here: https://github.com/EVerest/EVerest/security
+
+We try to monitor this list and respond every working day, but in initial respond time should not go beyond 7 days.
+Please provide us with your estimation of the severity of your finding. Every other information on how to exploit it as well as everything
+else you could provide is helpful.