GitHub Security Lab: Security Contact Needed #2024
Replies: 3 comments 2 replies
This comment was marked as off-topic.
This comment was marked as off-topic.
-
|
@hhyo 你看要不按她说的,这个方案: Alternatively, please add a Security Policy containing a security email address to send the details to. 这样安全报告可以邮件发给你 |
Beta Was this translation helpful? Give feedback.
-
|
Hello, I’m a GitHub employee - on my profile I have the GitHub “STAFF” badge, which is given only to GitHub employees: If you prefer, you could also enable private vulnerability reporting, which allows security researchers to contact your team directly in case of a vulnerability (available in the Security tab > Overview > Enable private vulnerability reporting). For more information about private vulnerability reporting, see GitHub docs. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for your reply! I’m not able to see the badge on mobile device, I’m a contributor of this project but have no access to repository settings, @hhyo would do the suggested settings, thanks for your contribution! |
Beta Was this translation helpful? Give feedback.
-
已启用,看了邮件确实有相关报告,被直接归档了🐟 |
Beta Was this translation helpful? Give feedback.
-
Hello,
The GitHub Security Lab team has found a potential vulnerability in Archery. Please create a Security Advisory and invite me (sylwia-budzynska) in to further disclose and discuss the vulnerability details and potential fix. Alternatively, please add a Security Policy containing a security email address to send the details to.
If you prefer to contact us by email, please reach out to [email protected] with reference to GHSL-2022-101_GHSL-2022-108.
Kind regards,
Sylwia Budzynska
GitHub Security Lab
Beta Was this translation helpful? Give feedback.
All reactions