Upload / Up1

Client-side encrypted image host web server
MIT License
812 stars 98 forks source link

Reporting a vulnerability #75

Open iarce-qb opened 3 years ago

iarce-qb commented 3 years ago

Hi

By looking at the project's activity page it seems that currently it is not actively maintained.

Is there a specific way to report security bugs in the project or should I just open issues ?

andre-d commented 3 years ago

This repository is unmaintained. However, is the issue with a dependency version being out of date or is it with this codebase?

If with this codebase feel free to make an issue so that if someone is using this project they may see it.

If this issue is with a dep version the unmaintained nature of the project likely covers that.

On Mon., Jan. 25, 2021, 10:46 a.m. iarce-qb, notifications@github.com wrote:

Hi

By looking at the project's activity page it seems that currently it is not actively maintained.

Is there a specific way to report security bugs in the project or should I just open issues ?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/Upload/Up1/issues/75, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAFOLMRAT6NYEK3ITSTXPMDS3WG3PANCNFSM4WR6HBPA .

k3d3 commented 3 years ago

This repo has been left unmaintained for a while, but I don't mind making security fixes whether it's dependency-related or not.

In either case, I don't believe we have a working email for security notices at the moment, so for now it's best to make a new issue for it.