msgpack-php icon indicating copy to clipboard operation
msgpack-php copied to clipboard

Published 20 hours ago verified publisher icon msgpack

How to get in touch about a security issue?

Open zidingz opened this issue 3 years ago • 2 comments

Hey there,

As there isn't a SECURITY.md with an email on your repository, I am unsure how to contact you regarding a potential security issue.

Would you kindly add a SECURITY.md file with an e-mail to your repository? GitHub recommends this as the best way to ensure security issues are responsibly disclosed, and it would massively help security researchers get in touch next time.

Thank you so much and I look forward to hearing from you!

zidingz avatar Jul 01 '21 15:07 zidingz

I think one can email privately through github, but I agree that a formal way would be beneficial. Please poke me at [email protected] unless you've got a PR handy adding a SECURITY. md

m6w6 avatar Jul 01 '21 16:07 m6w6

Thanks for your quick response! Here's the PR: https://github.com/msgpack/msgpack-php/pull/159

An email should be with you soon 😊

zidingz avatar Jul 01 '21 17:07 zidingz