Open JamieSlome opened 1 year ago
I don't really understand why this file is needed. Any examples of this file?
@yumata - it ensures that we are contacting an e-mail address that has been suggested by the maintainer(s) by someone with the ability to create a SECURITY.md.
That said, you can also view the report directly here: https://huntr.dev/bounties/aab2530a-f12b-4cf6-b769-9000fe036970/
It is currently private and only accessible to you (@yumata) 👍
Added.
@yumata - thanks for your diligence :)
Have you had an opportunity to take a look at the report?
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@nerrorsec) has found a potential issue, which I would be eager to share with you.
Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.
Looking forward to hearing from you 👍
(cc @huntr-helper)