Closed joker314 closed 6 years ago
Hi, I'd like to take care of this issue! (This would be my first contribution)
@beatriceo Go ahead! If you need any help, please feel free to ask.
Hi, it seems that I don't have access.
@beatriceo That's right! You need to push to your fork (https://github.com/beatriceo/DiscordBot)
Try
git remote set-url origin https://github.com/beatriceo/DiscordBot.git/
Then, you may run the git push origin add-security-txt
command to push this to your fork.
After that, you'll need to go to the GitHub online interface in order to create a pull request. 🙂
@beatriceo You cannot push directly to the repo, you are required to fork the repository and then push your changes in a new branch then open a pull request comparing the forked branch to the actual repo that we will than merge if it is approved.
Here is some links to fork the repo and open a pull request: https://blog.scottlowe.org/2015/01/27/using-fork-branch-git-workflow/ https://help.github.com/articles/creating-a-pull-request-from-a-fork/
@beatriceo Thanks for the contribution!
🗺 Overview
Security is really important. We already have a contact email for code-of-conduct violations. We're now using it for security vulnerability reporting too, I guess. Now, we need to add this email to a standardised file so that tools that security researchers might use can pick up on it (also, so that security researchers who are looking can easily find this contact email)
📚 Description
This is the email:
It needs to be added to a new file called
.security.txt
which should be in the top-level directory (that is, it shouldn't be in any folders)This file should look like this:
📂 Relevant files
.security.txt
(new)🔗 Find out more
About security.txt