grav-learn
grav-learn copied to clipboard
getgrav
security reports
I was just evaluating Grav and was wondering how it handles security issues and ran into a problem.
This page... https://learn.getgrav.org/security/overview
Links to a /security/reports page that 404's... https://learn.getgrav.org/security/overview
If I read this correctly, the page is not published (hence the 404).
---
title: Reports
published: false
taxonomy:
category: docs
content:
items: '@self.children'
order:
by: date
dir: desc
limit: 10
pagination: true
process:
markdown: true
twig: true
twig_first: true
---
This is the public repository for security reports for Grav. Below are the most recent reports that have been submitted and processed.
{% for p in page.collection %}
<a href="{{ p.url }}">
<h4>{{ p.title }}</h4>
</a>
{% endfor %}
Indeed, this is as intended, per #472. Grav has yet to receive a confirmed security-flaw - that can be contributed directly to Grav - and as such there are no reports yet. When a confirmed report is in place, it will be the first page there, and follow the example template.
As it happens, the first report was just published at https://learn.getgrav.org/security/reports/2018-06-11.
