mirrors/jj
1
0
Fork 1
mirror of https://github.com/martinvonz/jj.git synced 2025-01-18 18:27:38 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

docs: update SECURITY.md now that we've enabled vulnerability reporting

Browse source 
We enabled GitHub's private vulnerability reporting a few weeks or
months ago (for CVE-2024-51990), so there's no need to email about
vulnerabilities anymore.
This commit is contained in:
Martin von Zweigbergk 2024-12-11 08:53:38 -08:00 committed by Martin von Zweigbergk
parent 1ceda1fb89
commit db5e7dd70c
1 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
SECURITY.md
View file

@ -1,7 +1,7 @@
To report a security issue, please To report a security issue, please use the "Report a vulnerability" button on
email Jujutsu VCS Security at <jj-security@googlegroups.com> this page. Our vulnerability management team will respond within 3 working days
with a description of the issue, the steps you took to create the issue, of your report. If the issue is confirmed as a vulnerability, we will open a
affected versions, and, if known, mitigations for the issue. Our vulnerability Security Advisory. This project follows a 90 day disclosure timeline.
management team will respond within 3 working days of your email. If the issue
is confirmed as a vulnerability, we will open a Security Advisory. This project Feel free to email Jujutsu VCS Security at <jj-security@googlegroups.com> if you
follows a 90 day disclosure timeline. have questions.