slidev icon indicating copy to clipboard operation
slidev copied to clipboard
Published 1 month ago verified publisher icon slidevjs

Responsible disclosure policy

Open JamieSlome opened this issue 4 years ago • 2 comments

Hey there!

I belong to an open source security research community, and a member (@r0hansh) has found an issue, but doesn’t know the best way to disclose it.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

JamieSlome avatar Jan 04 '22 14:01 JamieSlome

Hi @antfu please have a look at this issue

r0hanSH avatar Jan 18 '22 17:01 r0hanSH

Just for reference, you can view the report here:

https://huntr.dev/bounties/cf6d24dd-2497-498a-b0ab-27c9329a934e/

It is private and only accessible to maintainers with repository write permissions.

JamieSlome avatar Jan 18 '22 17:01 JamieSlome

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar Sep 14 '22 17:09 stale[bot]