STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix SECURITY.md

Browse source
This commit is contained in:
Mislav Marohnić 2022-11-09 20:07:56 +01:00
parent f048eb9061
commit 30ad3f0fd1
No known key found for this signature in database
2 changed files with 12 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

13
.github/SECURITY.md vendored
View file

@ -1,3 +1,14 @@
If you discover a security issue in this repository, please submit it through the [GitHub Security Bug Bounty](https://hackerone.com/github).
GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [cli](https://github.com/cli).
If you believe you have found a security vulnerability in GitHub CLI, you can report it to us in one of two ways:
* Report it to this repository directly using [private vulnerability reporting][]. Such reports are not eligible for a bounty reward.
* Submit the report through [HackerOne][] to be eligible for a bounty reward.
**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
Thanks for helping make GitHub safe for everyone.
[private vulnerability reporting]: https://github.com/cli/cli/security/advisories
[HackerOne]: https://hackerone.com/github

11
SECURITY.md
View file

@ -1,11 +0,0 @@
GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award.
**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
Thanks for helping make GitHub safe for everyone.