SAML-Toolkits / ruby-saml

SAML SSO for Ruby
https://developers.onelogin.com/v1.0/page/saml-toolkit-for-ruby-on-rails
MIT License

Add secure channel for security incident reporting #649

Closed (johnnyshields closed 1 year ago)

johnnyshields commented 1 year ago

After the move to SAML-Toolkits, the README now says:

## Security Guidelines

If you believe you have discovered a security vulnerability in this gem, please report it
as an issue

This is not ideal. There should be a private channel for vulnerability disclosure, e.g. an email would be fine.