Project pages

[splitbrain]

I would like to be able to point people directly to huntr.dev as a way for responsible disclosure.

Instead of pointing them to the homepage, I would prefer a specific page for my project. It could use the repo info from github for a logo and descriptions and it could also list previous public reports. A prominent way to report a new vulnerability for the specific project should also be included.

Maintainers should see all open reports here.

[jaapmarcus]

It is currently already possible to direct them directly to the Disclose page via the following url:

https://www.huntr.dev/bounties/disclose/?target=full-github-url

For example

https://www.huntr.dev/bounties/disclose/?target=https%3A%2F%2Fgithub.com%2Fhestiacp%2Fhestiacp

[splitbrain]

Okay, that's a start. But it illustrates my point. https://www.huntr.dev/bounties/disclose/?target=https%3A%2F%2Fgithub.com%2Fsplitbrain%2Fdokuwiki%2F says there are 3 reports. But I am only aware of two. How do I find the third?

[jaapmarcus]

The counter also includes the invalid ones...

See:

https://huntr.dev/bounties/3ccb5b8e-6bb4-4ef2-83c8-dc7c259c05da/

[psmoros]

Thanks @jaapmarcus! @splitbrain have you tried the repositories tab as a way to keep on top of your repos or do you find it inadequate? Also you can put our badge on your repo with a link like the one @jaapmarcus included for users to be reditected to huntr for responsible disclosure (like vim and ohmyzsh)

Also, the users can search for your repo in hacktivity and see all open reports there... do these solutions do it but weren't obvious to use or do you still want a page for your project?

Let me know if you're open for a quick chat though discord or any other medium!

[splitbrain]

@psmoros that tab is actually suitable for what I need as maintainer to keep track of open reports. Thank you - I had missed that.

I still think a public project page would be a good idea.

[JamieSlome]

@splitbrain - circling back around here...

💭 Thoughts on:

https://huntr.dev/repos/splitbrain/dokuwiki/

[splitbrain]

@JamieSlome looks good. The repo description looks a bit weird - I think you want to adjust the CSS. But I consider this closed.