Add a security policy

Question

Add a security policy

JamieSlome opened this issue 3 years ago · 2 comments

Hey there!

I belong to an open source security research community, and a member (@aravindd007) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

Answer 1 · 2022-01-30T15:05:40.000Z

Create a security.md file. Thank you for your suggestion.

Answer 2 · 2022-01-31T11:13:58.000Z

@adi-matei - thanks for your response! ⚡

You should have received an e-mail about 4 hours ago. Otherwise, you can view the report directly here:

https://huntr.dev/bounties/b083f22d-6ea5-4cfc-bd29-55734542bcc7/

it is private and only accessible to maintainers with repository push permissions 👍