search

mojolicious / mojo

:sparkles: Mojolicious - Perl real-time web framework
https://mojolicious.org
Artistic License 2.0
2.66k stars 576 forks source link

Create SECURITY.md. #2151

Closed sergiotarxz closed 4 months ago

sergiotarxz commented 4 months ago

Create SECURITY.md to avoid security researchers to dive into the actual documentation searching for the correct way to send a found security bug.

Summary

Adding a file which contains where to report security issues.

Motivation

Because security researchers could otherwise findd a hard time finding for the correct email.

References

Github suggests it also.

sergiotarxz commented 4 months ago

Fixes #2152. Maybe Mojolicious contributors want to add something else to this draft file.

kraih commented 4 months ago

The core team will write the content if the file is deemed necessary.