search

babel / website

:globe_with_meridians: The Babel documentation website
https://babeljs.io/docs/en/index.html
MIT License
749 stars 1.31k forks source link

How to get in touch regarding a security concern #2797

Open psmoros opened 1 year ago

psmoros commented 1 year ago

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@0xdivyanshu) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

babel-bot commented 1 year ago

Hey @psmoros! We really appreciate you taking the time to report an issue. The collaborators on this project attempt to help as many people as possible, but we're a limited number of volunteers, so it's possible this won't be addressed swiftly.

If you need any help, or just have general Babel or JavaScript questions, we have a vibrant Slack community that typically always has someone willing to help. You can sign-up here for an invite.

JLHwung commented 1 year ago

Please temporarily refer to https://github.com/babel/babel/blob/main/SECURITY.md#reporting-a-vulnerability if you want to report a vulnerability. We will add a SECURITY.md later.

psmoros commented 1 year ago

Thanks will do :))