From 26761544e7e66460daeecfd0f68bb1632f6343d7 Mon Sep 17 00:00:00 2001 From: Oliver Sauder Date: Wed, 16 Nov 2022 12:13:42 +0400 Subject: [PATCH] Adjusted security policy Use security advisories to report vulnerabilities instead of email. --- SECURITY.md | 4 ++-- docs/CONTRIBUTING.md | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index e524f6a5..5cb25b29 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -4,6 +4,6 @@ If you believe you've found something in Django REST framework JSON:API which has security implications, please **do not raise the issue in a public forum**. -Send a description of the issue via email to [rest-framework-jsonapi-security@googlegroups.com][security-mail]. The project maintainers will then work with you to resolve any issues where required, prior to any public disclosure. +Use the security advisory to [report a vulnerability](https://github.com/django-json-api/django-rest-framework-json-api/security/advisories/new) instead. -[security-mail]: mailto:rest-framework-jsonapi-security@googlegroups.com +The project maintainers will then work with you to resolve any issues where required, prior to any public disclosure. diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md index 2aa87cfe..0715c364 100644 --- a/docs/CONTRIBUTING.md +++ b/docs/CONTRIBUTING.md @@ -69,4 +69,3 @@ In case a new maintainer joins our team we need to consider to what of following * [Github organization](https://github.com/django-json-api) * [Read the Docs project](https://django-rest-framework-json-api.readthedocs.io/) * [PyPi project](https://pypi.org/project/djangorestframework-jsonapi/) -* [Google Groups security mailing list](https://groups.google.com/g/rest-framework-jsonapi-security)