If you're interested in this feature, it must be activated for your repository:
Click on this link or go to Code security & analysis section on your repo's settings.
Click "Enable" for "Private vulnerability reporting (Beta)"
If you rather not use this feature, you can also request users to report vulnerabilities to an email. If that's the case, let me know which email it would be and I can submit the change.
Additionally, feel free to edit or suggest any changes to this document, it is supposed to reflect the amount of effort the team can offer to handle vulnerabilities.
Closes #1188
I've created the SECURITY.md file considering the report vulnerability through security advisory, which is a handy new GitHub feature still in beta, but has to be enabled.
If you're interested in this feature, it must be activated for your repository:
If you rather not use this feature, you can also request users to report vulnerabilities to an email. If that's the case, let me know which email it would be and I can submit the change.
Additionally, feel free to edit or suggest any changes to this document, it is supposed to reflect the amount of effort the team can offer to handle vulnerabilities.