actions/reusable-workflows
3
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
reusable-workflows/SECURITY.md
Ivan e01737f3a2
Prepare the repo to become public (#2) 
* Add files to make repository public

* Redecorate README.md

* Redecorate README.md

* Redecorate README.md

* Redecorate README.md

* Fix review points on the README.md

Co-authored-by: Marko Zivic <100996310+marko-zivic-93@users.noreply.github.com>

* Add SUPPORT.md, fix review points

* Update README.md and SECURITY.md

* Make small fixes in SECURITY.md

Co-authored-by: Marko Zivic <100996310+marko-zivic-93@users.noreply.github.com>
2022-12-12 16:38:19 -05:00

30 lines
1.6 KiB
Markdown
Raw Permalink Blame History

## Security
GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we will ensure that your finding gets passed along to the appropriate maintainers for remediation.
## Reporting Security Issues
If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure.
**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
Instead, please send an email to opensource-security@github.com.
Please include as much of the information listed below as you can to help us better understand and resolve the issue:
* The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
* Full paths of source file(s) related to the manifestation of the issue
* The location of the affected source code (tag/branch/commit or direct URL)
* Any special configuration required to reproduce the issue
* Step-by-step instructions to reproduce the issue
* Proof-of-concept or exploit code (if possible)
* Impact of the issue, including how an attacker might exploit the issue
This information will help us triage your report more quickly.
## Policy
See [GitHub's Safe Harbor Policy](https://docs.github.com/en/github/site-policy/github-bug-bounty-program-legal-safe-harbor#1-safe-harbor-terms)
Reference in New Issue View Git Blame Copy Permalink