Closed Ehren12 closed 1 year ago
The latest updates on your projects.
Name | Status | Preview | Updated (UTC) |
---|---|---|---|
sinerider | ✅ Ready (Inspect) | Visit Preview | Aug 29, 2023 10:43am |
I like the sentiment here but sinerider is by its nature unlikely to carry deep security implications. You could maybe make an argument that script injection is possible through math.js but the developers of that library have taken specific steps to mitigate this particular risk that I am satisfied with. If a vulnerability is discovered, the default GitHub issue reporting process is sufficient (and is basically what we would tell people to do in a SECURITY.md file anyway).
@polytroper thanks for the feedback, I really appreciate it.
Addition of a SECURITY.md file
It is crucial to address all security concerns promptly and effectively; therefore, a SECURITY.md file is important so these concerns are relayed correctly. This pull request aims to address this issue: https://github.com/hackclub/sinerider/issues/587