doc: mention the anti-spam bypass in security.html

We had some issues with reports being marked as spam, so I added a filter to never mark as spam something that mentions the word "vulnerability". We get too much spam at that address to disable the filter entirely, so instead meantion the bypass in the docs. Change-Id: Idb4dabcf51a9dd8234a2d571cd020c970b0a582c Reviewed-on: https://go-review.googlesource.com/c/go/+/205538 Reviewed-by: Katie Hockman <[email protected]>
golang · Nov 5, 2019 · 81559af · 81559af
1 parent fb37821
commit 81559af
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/doc/security.html b/doc/security.html
@@ -24,7 +24,11 @@ <h3>Reporting a Security Bug</h3>
 </p>
 
 <p>
-Please use a descriptive subject line for your report email.
+To ensure your report is not marked as spam, please include the word "vulnerability"
+anywhere in your email. Please use a descriptive subject line for your report email.
+</p>
+
+<p>
 After the initial reply to your report, the security team will endeavor to keep
 you informed of the progress being made towards a fix and full announcement.
 These updates will be sent at least every five days.