forked from aniani/vim
6ec7808c4a
* Add security policy
Currently is hard to find where to report security issues,
the only mention of it is in the issue template.
4c0089d696/.github/ISSUE_TEMPLATE/bug_report.yml (L12-L15)
Adding a SECURITY.md file will make it easier to find,
it will be displayed in https://github.com/vim/vim/security.
* Mention that reports are private
9 lines
373 B
Markdown
9 lines
373 B
Markdown
# Security Policy
|
|
|
|
## Reporting a vulnerability
|
|
|
|
If you want to report a security issue, please use [huntr.dev](https://huntr.dev/bounties/disclose?target=https%3A%2F%2Fgithub.com%2Fvim%2Fvim) to privately disclose the issue to us.
|
|
They also have rewards in the form of money, swag and CVEs.
|
|
|
|
**Please don't publicly disclose the issue until it has been addressed by us.**
|