Add a security policy - SECURITY.md file #4328
Comments
|
Hey Jamie, sure! I'll add it on the next release! Meanwhile, feel free to contact me using the contact form. |
alvarotrigo
changed the title
|
@alvarotrigo - thanks 👍 I have submitted an e-mail via the contact form. If you want to view the report directly, you can find it here: It is private and only accessible to maintainers with repository write permissions. |
|
Fixed on v4! 👍 |
|
@alvarotrigo - appreciate your time and response here 👍 Would it be possible to mark the report as valid and confirm the fix? Plus there is also a bounty for the fix too, which you are welcome to :) |
Done! 👍
Awesome! I didn't know about the bounties! |
|
@alvarotrigo - not at all, you and @r0hanSH did all the leg work!
The funds used for bounties are provided by enterprises that are looking to back the repositories and projects that they depend upon, otherwise, we ourselves fund the research 👍 Also, feel free to drop our badge on your |
|
Awesome! It's a great initiative!! |
Hey there!
I belong to an open source security research community, and a member (@r0hanSH) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)
The text was updated successfully, but these errors were encountered: