Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[✨] How to contact for security issues & Adding security policy #6203

Closed
arkark opened this issue May 1, 2024 · 4 comments · Fixed by #6384
Closed

[✨] How to contact for security issues & Adding security policy #6203

arkark opened this issue May 1, 2024 · 4 comments · Fixed by #6384
Assignees
@shairez
Labels
TYPE: enhancement New feature or request

Comments

@arkark
Copy link

arkark commented May 1, 2024

Is your feature request related to a problem?

I found a security issue in Qwik, but I could not find the way to contact Qwik authors privately.
May I ask you to tell me a contact method you prefer?

Describe the solution you'd like

I suggest you to put SECURITY.md (a security policy) at the root.

As another choice, if the project authors enable "Private vulnerability reporting" on GitHub, I can report the issue privately.

Describe alternatives you've considered

Additional context

No response
@arkark arkark added STATUS-1: needs triage New issue which needs to be triaged TYPE: enhancement New feature or request labels May 1, 2024
@arkark arkark changed the title [✨] Adding security policy [✨] How to contact for security issues & Adding security policy May 7, 2024
@arkark
Copy link
Author

arkark commented May 9, 2024

I updated the title, and does anyone have this issue?

Sorry to bother you.

@shairez
Copy link
Contributor

shairez commented May 24, 2024

Thanks @arkark !
We'll add a way to submit security issues and a SECURITY.md file
Will update here once it's ready

@shairez shairez added STATUS-2: team is working on this Scheduled for work by the core team and removed STATUS-1: needs triage New issue which needs to be triaged labels May 24, 2024
@shairez shairez self-assigned this May 24, 2024
@shairez shairez mentioned this issue May 25, 2024
Merged
3 tasks
@github-project-automation github-project-automation bot moved this from Backlog to Done in Qwik Development May 25, 2024
@shairez
Copy link
Contributor

shairez commented May 25, 2024

@arkark you can now report security issues -

https://github.com/QwikDev/qwik/blob/main/SECURITY.md

Thanks again!

@shairez shairez removed the STATUS-2: team is working on this Scheduled for work by the core team label May 25, 2024
@arkark
Copy link
Author

arkark commented May 25, 2024

Thank you! I'll report it in a few days.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@shairez shairez

Labels
TYPE: enhancement New feature or request
Projects
Qwik Development
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

docs: added SECURITY.md QwikDev/qwik
2 participants
@shairez @arkark