mirror of
https://github.com/FlamedDogo99/EaglerMobile.git
synced 2024-11-21 19:46:05 -08:00
Create SECURITY.md
This commit is contained in:
parent
d5a6a23bfd
commit
9cb4aaeac2
23
SECURITY.md
Normal file
23
SECURITY.md
Normal file
|
@ -0,0 +1,23 @@
|
|||
# Security Policy
|
||||
|
||||
## Supported Versions
|
||||
|
||||
The most recent release of the Eagler Mobile script should be secure, and that is the top priority of the Eagler Mobile open source project.
|
||||
|
||||
Vulnerabilities found on other repositories belonging to the GitHub organization are also considered.
|
||||
|
||||
Vulnerabilities that only affect unsupported browsers will also be considered, but will not be triaged as critical.
|
||||
|
||||
## Reporting a vulnerability
|
||||
|
||||
To report a security vulnerability, either use the [GitHub vulnerability report form](https://github.com/FlamedDogo99/EaglerMobile/security/advisories) ("report a vulnerability" button) or privatley contact `kearen@dougsamsel.com`.
|
||||
|
||||
**Do not report vulnerabilities publicly.** A short period of time after the patch is released, the details of the vulnerability will be publicly disclosed on GitHub. The reporter may ask to stay anonymous, otherwise they will be credited for the finding.
|
||||
|
||||
If there's no response after 48 hours, please [open a GitHub discussion](https://github.com/FlamedDogo99/EaglerMobile/discussions) titled "I've reported a security vulnerability" on the FlamedDogo99/EaglerMobile GitHub repository. Do not disclose the details of the vulnerability publicly, only mention that you've reported one recently to the report form or the appropriate email address.
|
||||
|
||||
English is the preferred language for vulnerability reports.
|
||||
|
||||
## Vulnerabilities disclosed
|
||||
|
||||
See our advisories that we have published for vulnerabilities that we have disclosed on [this page](https://github.com/FlamedDogo99/EaglerMobile/security/advisories?state=published).
|
Loading…
Reference in New Issue
Block a user