mirror of
https://github.com/martinvonz/jj.git
synced 2024-12-24 12:48:55 +00:00
docs: update SECURITY.md now that we've enabled vulnerability reporting
We enabled GitHub's private vulnerability reporting a few weeks or months ago (for CVE-2024-51990), so there's no need to email about vulnerabilities anymore.
This commit is contained in:
parent
1ceda1fb89
commit
db5e7dd70c
1 changed files with 7 additions and 7 deletions
14
SECURITY.md
14
SECURITY.md
|
@ -1,7 +1,7 @@
|
|||
To report a security issue, please
|
||||
email Jujutsu VCS Security at <jj-security@googlegroups.com>
|
||||
with a description of the issue, the steps you took to create the issue,
|
||||
affected versions, and, if known, mitigations for the issue. Our vulnerability
|
||||
management team will respond within 3 working days of your email. If the issue
|
||||
is confirmed as a vulnerability, we will open a Security Advisory. This project
|
||||
follows a 90 day disclosure timeline.
|
||||
To report a security issue, please use the "Report a vulnerability" button on
|
||||
this page. Our vulnerability management team will respond within 3 working days
|
||||
of your report. If the issue is confirmed as a vulnerability, we will open a
|
||||
Security Advisory. This project follows a 90 day disclosure timeline.
|
||||
|
||||
Feel free to email Jujutsu VCS Security at <jj-security@googlegroups.com> if you
|
||||
have questions.
|
||||
|
|
Loading…
Reference in a new issue