[documentation] Add a security policy
Security policies in Open Source projects tell users, site admins, managers, developers, etc., how to contact the project in case of a security problem. These policies can also either document, or have links to documentation, what the project does regarding security. For example, the text may include compliance with security standards like HIPAA security rules, ISO 27001, etc.
We can fix it by adding a simple SECURITY.md to this repository. Or we can go further and add a section to our docs about security and compliance.
Note that this is not a replacement for security features of Autosubmit, like authorization, authentication, data encryption, etc. This is about security at the project level (doesn't mean we cannot say how the code is made safe to use).
Examples:
- https://stackstorm.com/security/ & https://github.com/StackStorm/st2/blob/master/SECURITY.md
- https://github.com/cylc/cylc-flow/blob/master/SECURITY.md
- https://github.com/galaxyproject/galaxy/blob/dev/SECURITY.md
- https://github.com/arvados/arvados/blob/main/SECURITY.md
- https://arvados.org/compliance/
Refs: