Add SECURITY.md #131
Comments
|
Hi, thanks for the note. I certainly will do that, and I appreciate your
discretion!
Best,
Scot
…On Mon, Sep 27, 2021 at 8:42 PM Ziding Zhang ***@***.***> wrote:
Hey there!
I belong to an open source security research community, and a member (
@0xdhinu <https://github.com/0xdhinu>) has found an issue, but doesn’t
know the best way to disclose it.
If not a hassle, might you kindly add a SECURITY.md file with an email,
or another contact method? GitHub recommends
<https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository>
this best practice to ensure security issues are responsibly disclosed, and
it would serve as a simple instruction for security researchers in the
future.
Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper <https://github.com/huntr-helper>)
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#131>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAZCJTQLYNCXJECUMAOV4DUEE2SZANCNFSM5E4LCV7A>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
--
d(-_-)b
forsan et haec olim meminisse juvabit
|
|
SECURITY.md has been added (github only, not pypi), thank you.
./s
…On Mon, Sep 27, 2021 at 10:52 PM Scot Hacker ***@***.***> wrote:
Hi, thanks for the note. I certainly will do that, and I appreciate your
discretion!
Best,
Scot
On Mon, Sep 27, 2021 at 8:42 PM Ziding Zhang ***@***.***>
wrote:
> Hey there!
>
> I belong to an open source security research community, and a member (
> @0xdhinu <https://github.com/0xdhinu>) has found an issue, but doesn’t
> know the best way to disclose it.
>
> If not a hassle, might you kindly add a SECURITY.md file with an email,
> or another contact method? GitHub recommends
> <https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository>
> this best practice to ensure security issues are responsibly disclosed, and
> it would serve as a simple instruction for security researchers in the
> future.
>
> Thank you for your consideration, and I look forward to hearing from you!
>
> (cc @huntr-helper <https://github.com/huntr-helper>)
>
> —
> You are receiving this because you are subscribed to this thread.
> Reply to this email directly, view it on GitHub
> <#131>, or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AAAZCJTQLYNCXJECUMAOV4DUEE2SZANCNFSM5E4LCV7A>
> .
> Triage notifications on the go with GitHub Mobile for iOS
> <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
> or Android
> <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
>
>
--
d(-_-)b
forsan et haec olim meminisse juvabit
--
d(-_-)b
forsan et haec olim meminisse juvabit
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey there!
I belong to an open source security research community, and a member (@0xdhinu) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)
The text was updated successfully, but these errors were encountered: