Please create a security policy detailing contact information, as this helps security researchers privately report issues.
The most important step in the process is providing a way for security researchers to contact your organization. The easier it is for them to do so, the more likely it is that you'll receive security reports.
Locations this could be located include but are not limited to:
- SECURITY.md at the root of the GitHub repository. This has the added benefit of showing up on the "Security" GitHub tab.
- /.well-known/security.txt on the website. See securitytxt.org.
- Page on the frontend, linked to in the footer or similar.
The most common methods of communication for open-source software are e-mail and GitHub private vulnerability reporting. The only mention of security reporting I found was hidden in a small bubble on the login form. You have to go digging to find this, which is a bit annoying.