EddieHubCommunity / BioDrop

Connect to your audience with a single link. Showcase the content you create and your projects in one place. Make it easier for people to find, follow and subscribe.
https://biodrop.io
MIT License

[FEATURE] SECURITY POLICY #1099

Closed KendallDoesCoding closed 2 years ago

KendallDoesCoding commented 2 years ago

Description

Add a security policy to report security vulnerabilities. This can be added by creating SECURITY.MD preferably in the .github directory.

Screenshots

No response

Additional information

I'll be down to work on this, just let me know where users can report security issues: in Discord, by email or in this repo itself.

cc: @emmalearnscode @Panquesito7 @eddiejaoude
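As an illustration of what the requested file could look like (an added example, not the project's actual SECURITY.md), here is a minimal policy in the shape GitHub picks up from `.github/SECURITY.md` and links as "Report a security vulnerability" from the new-issue chooser and the Security tab. The contact link, response time and version table are placeholders for the maintainers to fill in; none of them are taken from the project.

```markdown
# Security Policy

## Reporting a Vulnerability

Please do **not** open a public issue for a security problem, so that the
weakness is not disclosed before a fix is available.

Report it privately via: <PRIVATE CONTACT LINK OR EMAIL - placeholder, maintainers to fill in>

Please include:

- a description of the issue and the part of the project it affects
  (page, API route, configuration, dependency)
- steps to reproduce, with any relevant request/response or log excerpt
- the version, branch or commit you tested against

## What to Expect

- an acknowledgement within <N> days (placeholder: agree on a response time)
- a status update once the report has been confirmed and a fix is planned
- credit in the release notes if you would like it, once the fix is published

## Supported Versions

| Version        | Supported          |
| -------------- | ------------------ |
| main (latest)  | :white_check_mark: |
| older releases | :x:                |
```

The important design choice is the private channel: a contact form or mailbox that only maintainers read, rather than an issue template, so the report stays out of the public tracker until a fix is out.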

github-actions[bot] commented 2 years ago

It's great having you contribute to this project

Welcome to the community :nerd_face:

If you would like to continue contributing to open source and would like to do it with an awesome inclusive community, you should join our Discord chat and our GitHub Organisation - we help and encourage each other to contribute to open source little and often 🤓 . Any questions let us know.

naomi-lgbt commented 2 years ago

Generally, security issues should be reported privately (to avoid making an exploit public before a fix is issued). This might be one that Eddie needs to look at.

KendallDoesCoding commented 2 years ago

> Generally, security issues should be reported privately (to avoid making an exploit public before a fix is issued). This might be one that Eddie needs to look at.

True. For my personal projects, I just put a contact security email which I own and sometimes a Google Form to report security issues; y'all can put an email, Discord or something like a Google Form too in SECURITY.md if y'all like. There shouldn't be any security issues in the future, but in case there is, it's better to have a SECURITY.md file. Let Eddie have a look at it and make a decision.

KendallDoesCoding commented 2 years ago

Also, a security policy is good, because in the issue panel (to create an issue) it adds "Report a Security Vulnerability", and the button to tap instead of "create issue" is "view security policy". So, if people don't know they need to report it privately, I think it helps if we do that?

KendallDoesCoding commented 2 years ago

This should be added in all the projects/repos under EddieHubCommunity, I highly recommend it.

naomi-lgbt commented 2 years ago

Thanks for the reminder on this! I'll reach out to Eddie again shortly.

eddiejaoude commented 2 years ago

Sorry I missed this, thanks for the reminders 👍

I think people should contact me via this form http://eddiejaoude.io/contact

Q. I wonder if our CoC should be updated to use this link too?

naomi-lgbt commented 2 years ago

Awesome - going to open this up for first time contributors.

A PR which resolves this issue will:

KendallDoesCoding commented 2 years ago

@nhcarrigan Please assign me

KendallDoesCoding commented 2 years ago

@eddiejaoude Can I do these changes in all the repos under the organization, as all of the repos need this to be done?

eddiejaoude commented 2 years ago

Thank you @KendallDoesCoding but it is probably better to leave these to someone who is new to open source

naomi-lgbt commented 2 years ago

> Can I do these changes in all the repos under the organization, as all of the repos need this to be done?

Your enthusiasm is awesome! But I think it would be good to encourage others to make changes too - share the green squares and encourage more people to get involved. 😁

KendallDoesCoding commented 2 years ago

That's true Eddie & nhcarrigan ... We can leave it for someone else to do, but if required later on I'll be down to do it... I'm pretty new to open source too 😄 .

KendallDoesCoding commented 2 years ago

Please let me know if I should create an issue similar to this in every repo, or is it fine in this repo, and it's just understood we gotta do this in every repo?

eddiejaoude commented 2 years ago

I think it would be better in every repo, and the PR can close the issue - but let's share the green squares

KendallDoesCoding commented 2 years ago

> I think it would be better in every repo, and the PR can close the issue - but let's share the green squares

Ok will do!

anthonychinwe commented 2 years ago

Hello, please can I work on this issue?

eddiejaoude commented 2 years ago

Sure @anthonychinwe , but please only do it for 1 repo, so others can get green squares too 🤓

anthonychinwe commented 2 years ago

Okay, I'll work on only the current root repo

KendallDoesCoding commented 2 years ago

I'll work on the other repo.

eddiejaoude commented 2 years ago

> but let's share the green squares

@KendallDoesCoding I know you are keen, but please see my message from before - you already raised the issues on other repos, and I mentioned I was keen for others to do this so they can get some practice with open source

KendallDoesCoding commented 2 years ago

yeah but you told Anthony they can make a PR in one issue? I thought the same applies for me, if not no worries :)


EmmaDawsonDev commented 2 years ago

> yeah but you told Anthony they can make a PR in one issue? I thought the same applies for me, if not no worries :)

Kendall, you already raised at least 10 issues today, share the squares :) Maybe if no one else claims them within a week or two you can go round and add the issues where needed.

KendallDoesCoding commented 2 years ago

Fair enough... Will do :)


KendallDoesCoding commented 2 years ago

Thanks Tom