From 23bf1d6aa7958eb0cd46bcd5c2dbeba9b0088486 Mon Sep 17 00:00:00 2001 From: Scott Leggett Date: Thu, 11 Jan 2024 20:15:44 +0800 Subject: [PATCH] fix: use a real email address in SECURITY.md --- README.md | 3 ++- SECURITY.md | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 53caa7f..f48e98e 100644 --- a/README.md +++ b/README.md @@ -75,7 +75,8 @@ Then customize the code for your repository: * update `deploy/$YOUR_COMMAND/Dockerfile` * update `.github/workflows/build.yaml`, replacing `go-cli-github` with `$YOUR_COMMAND`. * update `.goreleaser.yaml` to build `cmd/$YOUR_COMMAND` - * update the links at the top of the README + * update the links at the top of `README.md` + * update the contact email in `SECURITY.md` 1. Commit and push: diff --git a/SECURITY.md b/SECURITY.md index 3059784..a6bb6da 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -8,7 +8,7 @@ Only the latest minor version will receive patch releases. ## Reporting a Vulnerability To report a security issue, please [privately report a security vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) through GitHub. -If you do not have a GitHub account, please email security@example.com with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. +If you do not have a GitHub account, please email scott@smlx.dev with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. We will endeavour to respond within 3 working days of your email. If an issue is confirmed as a vulnerability, we will open a Security Advisory.