main
|
Last change
on this file was d24f17c, checked in by Aleksandar Panovski <apano77@…>, 15 months ago |
|
Initial commit
|
-
Property mode
set to
100644
|
|
File size:
1.1 KB
|
| Rev | Line | |
|---|
| [d24f17c] | 1 | # Security Policies and Procedures
|
|---|
| 2 |
|
|---|
| 3 | ## Reporting a Bug
|
|---|
| 4 |
|
|---|
| 5 | The `send` team and community take all security bugs seriously. Thank you
|
|---|
| 6 | for improving the security of Express. We appreciate your efforts and
|
|---|
| 7 | responsible disclosure and will make every effort to acknowledge your
|
|---|
| 8 | contributions.
|
|---|
| 9 |
|
|---|
| 10 | Report security bugs by emailing the current owner(s) of `send`. This information
|
|---|
| 11 | can be found in the npm registry using the command `npm owner ls send`.
|
|---|
| 12 | If unsure or unable to get the information from the above, open an issue
|
|---|
| 13 | in the [project issue tracker](https://github.com/pillarjs/send/issues)
|
|---|
| 14 | asking for the current contact information.
|
|---|
| 15 |
|
|---|
| 16 | To ensure the timely response to your report, please ensure that the entirety
|
|---|
| 17 | of the report is contained within the email body and not solely behind a web
|
|---|
| 18 | link or an attachment.
|
|---|
| 19 |
|
|---|
| 20 | At least one owner will acknowledge your email within 48 hours, and will send a
|
|---|
| 21 | more detailed response within 48 hours indicating the next steps in handling
|
|---|
| 22 | your report. After the initial reply to your report, the owners will
|
|---|
| 23 | endeavor to keep you informed of the progress towards a fix and full
|
|---|
| 24 | announcement, and may ask for additional information or guidance.
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
