PrivateCoffee/security.private.coffee
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat(security): add security.txt for reporting

Browse source 
issues

Introduced a security.txt file to provide a standard way for security
researchers to report vulnerabilities. The file specifies contact
information, preferred languages, and encryption details for secure
communication. This addition aligns with best practices for open-source
projects, enhancing our project's security posture.

- Establishes a clear communication channel for security issues.
- Encourages responsible disclosure by providing encryption options.
- Helps to streamline the vulnerability reporting process.

This change is in line with the security recommendations for modern web
services and applications.
This commit is contained in:
Kumi 2024-03-15 10:46:36 +01:00
parent 61551b8829
commit 12c95b07d3
Signed by: kumi
GPG key ID: ECBCC9082395383F
1 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
security.txt Normal file
View file

@ -0,0 +1,15 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Contact: mailto:support@private.coffee
Preferred-Languages: en, de
Encryption: https://security.private.coffee/security@private.coffee.pub
Canonical: https://security.private.coffee/security.txt
Signed by: https://security.private.coffee/security@private.coffee.pub
-----BEGIN PGP SIGNATURE-----
iI4EARYIADYWIQR8+ffWeJVvJW3sPVIzxXDbF7H3lgUCZfQYvRgcc2VjdXJpdHlA
cHJpdmF0ZS5jb2ZmZWUACgkQM8Vw2xex95ZAUwEA7tZJDZj7E/SLgxMguyKHZ0cg
76oOQSEWzXumiVYlTOgBALQtAPHxGxbOxvDEJ1I8JzSUcYNV9ILx3ugWtM5FuoIN
=e9Q0
-----END PGP SIGNATURE-----