mirror of
https://github.com/samsonjs/agate.git
synced 2026-03-25 09:05:50 +00:00
add security policy
This commit is contained in:
Johann150
GitHub
parent
7cd245c79e
commit
f725f885d0
1 changed files with 28 additions and 0 deletions
28
SECURITY.md
Normal file
28
SECURITY.md
Normal file
|
|
@ -0,0 +1,28 @@
|
||||||
|
# Security Policy
|
||||||
|
|
||||||
|
## Supported Versions
|
||||||
|
|
||||||
|
Only the latest version of Agate is supported at any time.
|
||||||
|
|
||||||
|
## Reporting a Vulnerability
|
||||||
|
|
||||||
|
Please report issues that you deem to be a security issue by email to johann at qwertqwefsday.eu.
|
||||||
|
|
||||||
|
You may use OpenPGP encryption with the public key available at either
|
||||||
|
- <https://github.com/Johann150/Johann150/blob/main/johann-qwertqwefsday-eu.asc>
|
||||||
|
- through web key discovery, e.g. `gpg --locate-keys ...`
|
||||||
|
- or the above manually at <https://qwertqwefsday.eu/.well-known/openpgpkey/hu/spd3xecxhotzgyu1p3eqdqdp31ba6rif>
|
||||||
|
|
||||||
|
All these public keys should be identical. If you wish for an encrypted response, include instructions on how to obtain your public key in the email.
|
||||||
|
|
||||||
|
Please allow at least 24 hours for a response.
|
||||||
|
If your issue is easy to fix, you might not get a response until the issue is fixed.
|
||||||
|
Otherwise, the receipt of your report should be acknowledged.
|
||||||
|
|
||||||
|
If you did not receive a reply within the above time frame, please email another maintainer listed in the `Cargo.toml` file, citing that you did not yet receive a reply.
|
||||||
|
Only limited support may be available.
|
||||||
|
|
||||||
|
## Compensation
|
||||||
|
|
||||||
|
There is no bug bounty or other rewards program.
|
||||||
|
At your option, you may be mentioned by your name or pseudonym in the changelog.
|
||||||
Loading…
Reference in a new issue