Sync-Repos/docs/SECURITY.md

17 lines
776 B
Markdown
Raw Permalink Normal View History

2022-03-01 23:15:56 +00:00
# Security Policy
## Reporting a Vulnerability
If there are any vulnerabilities in **Sync-Repos**, don't hesitate to _report them_.
1. Use any of the [private contact addresses](https://gitdab.com/cvoges12/Sync-Repos#support).
2. Describe the vulnerability.
If you have a fix, that is most welcome -- please attach or summarize it in your message!
3. We will evaluate the vulnerability and, if necessary, release a fix or mitigating steps to address it. We will contact you to let you know the outcome, and will credit you in the report.
Please **do not disclose the vulnerability publicly** until a fix is released!
4. Once we have either a) published a fix, or b) declined to address the vulnerability for whatever reason, you are free to publicly disclose it.