Replies: 2 comments 2 replies
-
|
Currently the process is to open a bug report. probably we should create a system for security issues - for now just email me |
Beta Was this translation helpful? Give feedback.
-
|
I sent you a messages in two different emails. Thank you @bakpakin |
Beta Was this translation helpful? Give feedback.
-
|
Yes, I got your email. For general, public conversation, GitHub issues and the forum is preferable, but if you find a specific bug, send me an email. |
Beta Was this translation helpful? Give feedback.
-
|
Below is an example of Security Policy that we could use at least initially. It is inspired in Rails and Fennel Security Policies. Security PolicyReporting a VulnerabilityPlease report potential security issues to email TBD with the following information:
Your report will be acknowledged within 48 hours, and you’ll receive a more detailed response to your email within 7 days indicating the next steps in handling your report. We will try to patch the issue as soon as we can, but keep in mind we are a small team and we ask you to wait at least 30 days for a Janet release that address the issue. Supported VersionsWe currently accepts submission for the latest version. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi.
How to report security relevant issues?
Is there a plan to create a security policy to the project and keep record of advisories?
https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository
https://docs.github.com/en/code-security/repository-security-advisories/creating-a-repository-security-advisory
Thank you.
Beta Was this translation helpful? Give feedback.
All reactions