Add SECURITY guidelines about security vulnerability disclosures, and link them from the CONTRIBUTING guidelines
This commit is contained in:
parent
7a691b8e6c
commit
fda03b8362
@ -9,6 +9,8 @@ your contributions.
|
||||
issues](https://github.com/thelounge/lounge/issues?q=is%3Aissue) to see if
|
||||
this was not already discussed before. If you can't see any, feel free to
|
||||
[open a new issue](https://github.com/thelounge/lounge/issues/new).
|
||||
- If you think you discovered a security vulnerability, **do not open a public
|
||||
issue on GitHub.** Refer to our [security guidelines](SECURITY.md) instead.
|
||||
|
||||
### I want to contribute to the code
|
||||
|
||||
|
9
SECURITY.md
Normal file
9
SECURITY.md
Normal file
@ -0,0 +1,9 @@
|
||||
# Responsible Disclosure of Security Vulnerabilities
|
||||
|
||||
- ⚠️ **Do not open public issues on GitHub to report security vulnerabilities.**
|
||||
- Contact us privately first, in a
|
||||
[responsible disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure)
|
||||
manner.
|
||||
- On IRC, send a private message to any voiced user on our Freenode channel,
|
||||
`#thelounge`.
|
||||
- By email, send us your report at <mailto:security@thelounge.chat>.
|
Loading…
Reference in New Issue
Block a user