Grunbok
Results
2
comments of
Grunbok
Jonathan, I'd like to get your thoughts on 2: ii which states: If the maintainer chooses not to accept the vulnerability disclosure via GHSA, the vulnerability is automatically publicly disclosed...
Well, it has to be covered under disclosure policy some how so we don't get automated CVE generation in the case of "maintainer will not fix" (or what ever term...