Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: redirect security vulnerabilities to email #8131

Merged
merged 3 commits into from Dec 24, 2020
Merged

chore: redirect security vulnerabilities to email #8131

merged 3 commits into from Dec 24, 2020

Conversation

HonkingGoose
Copy link
Collaborator

Changes:

  • Add Markdown comment to redirect potential security bugs to email instead

Context:

I think it's good to make sure bug reporters know that they should not use the bug report template for security concerns.
A bug reporter might miss the section "Report a security vulnerability" from the New issue part of GitHub.

This PR adds a Markdown comment, but we can also use a checkbox or line like this in the visible text:

- [ ] This is not a security concern, please read the [security policy](https://github.com/renovatebot/renovate/security/policy) for security concerns

Closes #8119.

Documentation (please check one with an [x])

  • I have updated the documentation, or
  • No documentation update is required

How I've tested my work (please tick one)

I have verified these changes via:

  • Code inspection only, or
  • Newly added unit tests, or
  • Unit tests + ran on a real repository

viceice
viceice previously approved these changes Dec 23, 2020
View reviewed changes
@HonkingGoose @rarkins
Update .github/ISSUE_TEMPLATE/bug_report.md
5988d65 
Co-authored-by: Rhys Arkins <rhys@arkins.net>
@rarkins rarkins merged commit 19359d3 into renovatebot:master Dec 24, 2020
@HonkingGoose HonkingGoose deleted the chore/improve-bug-report-template-with-redirection branch December 24, 2020 11:36
@renovate-release
Copy link
Collaborator

🎉 This PR is included in version 24.10.3 🎉

The release is available on:

Your semantic-release bot 📦🚀

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jan 25, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rarkins rarkins rarkins approved these changes

@viceice viceice viceice left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

chore: improve bug report template with re-direction to security policy
4 participants
@HonkingGoose @renovate-release @viceice @rarkins