Improve grammar around tooling in SECURITY

2025-04-18 19:04:06 +03:00 · 2024-03-21 11:30:35 -07:00 · 2024-03-21 11:30:35 -07:00 · a1f38cab3a
commit a1f38cab3a
parent 1cd234d3a5
1 changed files with 1 additions and 1 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -12,7 +12,7 @@ Our `govulncheck` wrapper script ([`govulncheck-with-excludes.sh`](govulncheck-w

 Similar to the how traditional Linux distributions such as Debian handle rebuilding binaries between stable releases / for updated compilers (or rather, the situations and reasons for which they do *not* do so), and in the same spirit as the above CVE policy and [Go's "Minimal Version Selection"](https://research.swtch.com/vgo-mvs), we do *not* update the compiler/rebuild with a newer compiler unless there is a compelling functional or security reason in the code that ends up as part of the `gosu` binary that warrants doing so.

-As above, if you have a "security scanning" tool which does not agree with this policy, please take that up with your scanning tool vendor (report as a false positive, improve the tool to `govulncheck`, etc).
+As above, if you have a "security scanning" tool which does not agree with this policy, please take that up with your scanning tool vendor (report as a false positive, improve the tool to use `govulncheck`, etc).

 # Reporting Vulnerabilities