
chore: create security.txt

Open daallgeier opened this issue 1 year ago • 1 comments

Adding a security.txt file enables security researchers to quickly and easily see where they can submit security issues and know that they are being taken seriously. From the proposal website:

When security risks in web services are discovered by independent security researchers who understand the severity of the risk, they often lack the channels to disclose them properly. As a result, security issues may be left unreported. security.txt defines a standard to help organizations define the process for security researchers to disclose security vulnerabilities securely.

See also https://securitytxt.org

Additionally it seems like one can enable Private Reporting for Security Issues under the Security Tab. See also: https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability

daallgeier avatar Jan 29 '24 20:01 daallgeier

CLA

Hello there and welcome to our project! By submitting your Pull Request, you acknowledge that you agree with the terms of our Contributor License Agreement. Although we don't have a dedicated legal counsel, having this kind of agreement can protect us from potential legal issues or patent trolls. Thank you for your understanding.

Generated by :no_entry_sign: dangerJS against 64de66525c36234d079e3bd5d81c96303a07e99f

github-actions[bot] avatar Jan 29 '24 20:01 github-actions[bot]

Actually I read too quickly, could you please move it here instead of the root? https://github.com/twentyhq/twenty/tree/main/packages/twenty-website/public

(As it's supposed to be on the website) Thanks!

FelixMalfait avatar Jan 30 '24 17:01 FelixMalfait

Moved it there. Glad you approve it being around.

daallgeier avatar Jan 30 '24 22:01 daallgeier

It won't appear yet as we need to fix the settings on Cloudflare to point either to Framer or to the NextJS site depending on the URL (right now it's 100% Framer). I'll do that in Feb!

FelixMalfait avatar Jan 30 '24 22:01 FelixMalfait

Merging! Thanks

FelixMalfait avatar Jan 30 '24 22:01 FelixMalfait