Security policy should probably not be listing an e-mail address

I tried using the one listed (`secure@microsoft.com`) today and got this back:

<img width="608" height="287" alt="Image" src="https://github.com/user-attachments/assets/107988bc-71c9-4cd1-8b93-7c1996192a10" />

Now apparently the email still works if you use a magic token [from here](https://msrc.microsoft.com/report/vulnerability/new):

<img width="1106" height="177" alt="Image" src="https://github.com/user-attachments/assets/a7ee96c4-2204-4735-9685-ad4a33893dbc" />

but it's probably easier for everyone involved if you just send people at this page first and then they can decide for themselves whether or not they wanna try the magic token or not...?

Same thing applies to `README.md` too.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Security policy should probably not be listing an e-mail address #64393

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Security policy should probably not be listing an e-mail address #64393

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions