Create SECURITY.md (#1719)
* Create SECURITY.md * Format fix * Update SECURITY.md * Update SECURITY.md * Update SECURITY.md Co-authored-by: Paul D'Ambra <paul.dambra@gmail.com> * Update SECURITY.md mention the google group is private * Update SECURITY.md * Update SECURITY.md formatting --------- Co-authored-by: Yun Feng <yun.feng0817@gmail.com> Co-authored-by: Paul D'Ambra <paul.dambra@gmail.com> Co-authored-by: Eoghan Murray <eoghan@getthere.ie>
This commit is contained in:
Rotem Reiss
15
SECURITY.md
Normal file
15
SECURITY.md
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
# Vulnerability Disclosure Policy
|
||||||
|
|
||||||
|
This document outlines rrweb's vulnerability disclosure policy.
|
||||||
|
|
||||||
|
## Reporting a Vulnerability
|
||||||
|
|
||||||
|
Please do not report security vulnerabilities through public GitHub issues.
|
||||||
|
Instead, please report them to our GitHub Security page. If you prefer to submit one without using GitHub, you can also email the
|
||||||
|
private Google Group rrweb-security@googlegroups.com, which will go to the core team members only. We commit to acknowledging
|
||||||
|
vulnerability reports and will work to fix active vulnerabilities as soon as we can (noting this is a community run project).
|
||||||
|
|
||||||
|
We will publish resolved vulnerabilities as security advisories on our GitHub security page.
|
||||||
|
|
||||||
|
We appreciate your help in making rrweb more secure for everyone.
|
||||||
|
Thank you for your support and responsible disclosure.
|
||||||
Reference in New Issue
Block a user