Skip to content

Security: Matocolotoe/Skript-1.8

Security

security.md

Security Document

See also code conventions; there are a few guidelines about security of added code there.

Reporting security issues

Security issues may be reported to core team members privately e.g. on Discord. Note that this applies only to security issues; everything else should still be posted to issue tracker.

Publicly posting security issues is also allowed, because not everyone has or wants a Discord account. We may add other channels for private reports in future.

Team guidelines

Everyone with push access must use two-factor authentication for their GitHub accounts. Should their account still be compromised, other team members should be immediately notified.

There aren’t any published security advisories