mirror of
https://github.com/starship/starship.git
synced 2026-06-20 02:02:07 +07:00
Josef Andersson
30 lines
1.1 KiB
Markdown
30 lines
1.1 KiB
Markdown
# Security Reporting
|
|
|
|
If you wish to report a security vulnerability privately, we appreciate your diligence. Please follow the guidelines below to submit your report.
|
|
|
|
## Reporting
|
|
|
|
To report a security vulnerability, please provide the following information:
|
|
|
|
1. **PUBLIC**
|
|
- Indicate whether this vulnerability has already been publicly discussed or disclosed.
|
|
- If so, provide relevant links.
|
|
|
|
2. **DESCRIPTION**
|
|
- Provide a detailed description of the security vulnerability.
|
|
- Include as much information as possible to help us understand and address the issue.
|
|
|
|
Report this, along with any additional relevant details in [GitHub Advisory](https://github.com/starship/starship/security/advisories/new).
|
|
|
|
## Confidentiality
|
|
|
|
We kindly ask you to keep the report confidential until a public announcement is made.
|
|
|
|
## Notes
|
|
|
|
- Vulnerabilities will be handled on a best-effort basis.
|
|
- You will be notified, via your GitHub Advisory report, about eventual patches.
|
|
- We will respond within a few weeks to confirm whether your report has been accepted or rejected.
|
|
|
|
Thank you for helping to improve the security of Starship!
|