Add SECURITY.md #309
Comments
andrewicarlson
added a commit
to andrewicarlson/graphql-request
that referenced
this issue
Apr 4, 2022
|
Hey @JamieSlome, thanks for bringing this up. I've issued a PR adding a |
|
@andrewicarlson - thanks for the support here 👍 We e-mailed the organisation e-mail a little while back but will send the details to the new e-mail address now. Just for reference, you can find the report directly here: https://huntr.dev/bounties/d6418ac2-fce8-4963-b6e5-9b0025238451/ It is private and only accessible to maintainers with repository write permissions. |
|
Hey @JamieSlome, trying to follow up on how we missed this before. What organisation e-mail was that?
|
|
@janpio - it was The e-mail would have been from |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey there!
I belong to an open source security research community, and a member (@ranjit-git) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)
The text was updated successfully, but these errors were encountered: