Provide details for security contactSee original GitHub issue
As cybersecurity researchers, we need to respond swiftly to security issues to ensure that our users are safe.
Hence, add security contact details at the following locations
.security.txtat the root of our project in compliance with the https://securitytxt.org draft RFC specification for machine parsing and human consumption
SECURITY.mdat the root of our project for human consumption
We would need to have contact details of e.g. an active community dev
We may also want to apply this to other projects we develop
- Created 5 years ago
- Comments:5 (5 by maintainers)
Top GitHub Comments
Building on what @Sh3llcod3 said, there isn’t actually anything there to exploit for most of the things. The main site is just serving static HTML files and the app is just referencing a cloud storage bucket. If you wrote the files, we would consider implementing them, but if you’ve found a vulnerability affecting our code, you’ve likely found something much more dangerous which should be reported through the usual channels.