search

luckyshot / twentyfive

TwentyFive is an HTML5 time tracking web app focused on speed and simplicity that encourages you to follow the Pomodoro Technique.
https://twentyfive.js.org/
MIT License
97 stars 19 forks source link

Add a security policy #25

Open benharvie opened 1 year ago

benharvie commented 1 year ago

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@n0psn0ps) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

luckyshot commented 1 year ago

Of course! Security policy added:

https://github.com/luckyshot/twentyfive/blob/gh-pages/SECURITY.md