Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SECURITY.md #14445

Open
wants to merge 2 commits into
base: 2.x
from

Conversation

Projects
None yet
5 participants
@JoshuaLuckers
Copy link
Collaborator

commented Mar 2, 2019

What does it do?

Add a SECURITY.md file with info about reporting security issues in MODX

Why is it needed?

Encourage responsible disclosure

Related issue(s)/PR(s)

Fixes issue #14204

@Mark-H

This comment has been minimized.

Copy link
Collaborator

commented Mar 5, 2019

@opengeek Any chance you heard back from HackerOne about potentially using that instead of the old emails?

@JoshuaLuckers

This comment has been minimized.

Copy link
Collaborator Author

commented May 5, 2019

@opengeek ping

@opengeek
Copy link
Member

left a comment

HackerOne is not an option at this time. That link in this document is no longer valid either.

@JoshuaLuckers

This comment has been minimized.

Copy link
Collaborator Author

commented May 14, 2019

That link in this document is no longer valid either.

Is there a new link available?

@opengeek

This comment has been minimized.

Copy link
Member

commented May 14, 2019

I added a redirect for that old link; it now goes to:

https://modx.com/community/contribute/report-a-security-issue

@JoshuaLuckers JoshuaLuckers dismissed stale reviews from Alroniks and Jako via 6088fe1 May 15, 2019

@JoshuaLuckers

This comment has been minimized.

Copy link
Collaborator Author

commented May 15, 2019

I added a redirect for that old link; it now goes to:

https://modx.com/community/contribute/report-a-security-issue

Thanks, I updated my PR with the new link.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.