Who to contact for security issues #1213
Comments
|
we generally take security issues through our public
channels, as there is
little value for this project in treating security issues differently
from regular
issues.
At 03:23 AM 9/24/2021, Ziding Zhang wrote:
Hey there!
I belong to an open source security research community, and a member
***@***.***) has found an issue,
but doesn�t know the best way to disclose it.
If not a hassle, might you kindly add a SECURITY.md file with an email,
or another contact method? GitHub
recommends this best practice to ensure security issues are
responsibly disclosed, and it would serve as a simple instruction for
security researchers in the future.
Thank you for your consideration, and I look forward to hearing from
you!
(cc @huntr-helper)
You are receiving this because you are subscribed to this thread.
Reply to this email directly,
view it on
GitHub, or
unsubscribe.
Triage notifications on the go with GitHub Mobile for
iOS or
Android.
|
This was referenced Oct 7, 2021
|
Referenced bugs are resolved. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey there!
I belong to an open source security research community, and a member (@TheCrott) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)
The text was updated successfully, but these errors were encountered: