Add SECURITY guidelines about security vulnerability disclosures, and link them from the CONTRIBUTING guidelines
This commit is contained in:
parent
7a691b8e6c
commit
fda03b8362
@ -9,6 +9,8 @@ your contributions.
|
|||||||
issues](https://github.com/thelounge/lounge/issues?q=is%3Aissue) to see if
|
issues](https://github.com/thelounge/lounge/issues?q=is%3Aissue) to see if
|
||||||
this was not already discussed before. If you can't see any, feel free to
|
this was not already discussed before. If you can't see any, feel free to
|
||||||
[open a new issue](https://github.com/thelounge/lounge/issues/new).
|
[open a new issue](https://github.com/thelounge/lounge/issues/new).
|
||||||
|
- If you think you discovered a security vulnerability, **do not open a public
|
||||||
|
issue on GitHub.** Refer to our [security guidelines](SECURITY.md) instead.
|
||||||
|
|
||||||
### I want to contribute to the code
|
### I want to contribute to the code
|
||||||
|
|
||||||
|
9
SECURITY.md
Normal file
9
SECURITY.md
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
# Responsible Disclosure of Security Vulnerabilities
|
||||||
|
|
||||||
|
- ⚠️ **Do not open public issues on GitHub to report security vulnerabilities.**
|
||||||
|
- Contact us privately first, in a
|
||||||
|
[responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure)
|
||||||
|
manner.
|
||||||
|
- On IRC, send a private message to any voiced user on our Freenode channel,
|
||||||
|
`#thelounge`.
|
||||||
|
- By email, send us your report at <mailto:security@thelounge.chat>.
|
Loading…
Reference in New Issue
Block a user