Skip to content

Update vulnerability reporting docs to use direct email contact#14

Merged
devRael1 merged 1 commit into
masterfrom
copilot/update-vulnerability-reporting
Apr 14, 2026
Merged

Update vulnerability reporting docs to use direct email contact#14
devRael1 merged 1 commit into
masterfrom
copilot/update-vulnerability-reporting

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 14, 2026

The security reporting guidance still directed users to GitHub private advisories, but that flow is not configured for this repository. This updates the documented reporting path to use the maintainer email address instead.

  • Security policy

    • Replaced the GitHub private advisory instructions in SECURITY.md with a direct contact path: devrael1@protonmail.com
    • Added an explicit note that GitHub private vulnerability reporting is not configured for this repository

  • Result

    • Contributors now have a working private disclosure channel
    • The documentation no longer points to a non-functional reporting mechanism
If you discover a security vulnerability in TorBoxSDK, please report it
responsibly by email at **devrael1@protonmail.com**.

GitHub's private security advisory reporting is not configured for this
repository, so please do not use it for vulnerability reports.

@devRael1
docs: update vulnerability reporting contact
59cfde4 
Agent-Logs-Url: https://github.com/devRael1/TorBoxSDK/sessions/84da3e01-78c4-4637-872a-76aacad130f1

Co-authored-by: devRael1 <91017912+devRael1@users.noreply.github.com>
@devRael1 devRael1 marked this pull request as ready for review April 14, 2026 10:47
Copilot AI review requested due to automatic review settings April 14, 2026 10:47
Copilot AI reviewed Apr 14, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates TorBoxSDK’s security vulnerability reporting instructions to use a direct maintainer email address instead of GitHub private advisories, aligning the documentation with the repository’s current reporting setup.

Changes:

  • Replaced GitHub private advisory reporting instructions with email-based reporting (devrael1@protonmail.com).
  • Added an explicit note that GitHub private vulnerability reporting is not configured for this repository.

@devRael1 devRael1 merged commit adf82fe into master Apr 14, 2026
4 checks passed
@devRael1 devRael1 deleted the copilot/update-vulnerability-reporting branch April 14, 2026 10:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@devRael1 devRael1

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@devRael1