Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add security policy #922

Open
exceptionalcold opened this issue May 11, 2023 · 2 comments
Open

Add security policy #922

exceptionalcold opened this issue May 11, 2023 · 2 comments
Assignees
@abandoned-prototype

Comments

@exceptionalcold
Copy link
Contributor

How should security vulnerabilities be reported? Issues and pull requests are publicly visible. If there is a safer way to disclose information about vulnerabilities, can someone document that process and add it to the repo?

https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository
@abandoned-prototype
Copy link
Collaborator

Thank you, @exceptionalcold for this report. I agree, that we should add a security policy and I will work on this.
In the meantime, issues can be reported to [email protected]

@abandoned-prototype abandoned-prototype self-assigned this May 12, 2023
@michplunkett
Copy link
Collaborator

Something like this may be useful if we are in a scenario where someone is in immediate danger: https://stackoverflow.com/a/4909248

@michplunkett michplunkett changed the title add security policy Add security policy Jun 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@abandoned-prototype abandoned-prototype

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@michplunkett @abandoned-prototype @exceptionalcold