backups/grapevine
1
0
Fork 0
mirror of https://gitlab.computer.surgery/matrix/grapevine.git synced 2025-12-17 07:41:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

move security info to its own page

Browse source 
This makes it easier to find.

Also sort the maintainers list while I'm here.
This commit is contained in:
Charles Hall 2024-10-03 12:40:50 -07:00
parent 3a10e23d94
commit 42adad330e
No known key found for this signature in database
GPG key ID: 7B8E0645816E07CF
3 changed files with 16 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

15
book/contributing/security.md Normal file
View file

@ -0,0 +1,15 @@
# Coordinated vulnerability disclosure
If you find a security vulnerability in Grapevine, please privately report it to
the Grapevine maintainers in one of the following ways:
* Open a GitLab issue that's marked as confidential
* Create a private, invite-only, E2EE Matrix room and invite the following
users:
* `@charles:computer.surgery`
* `@olivia:computer.surgery`
* `@xiretza:xiretza.xyz`
If the maintainers determine that the vulnerability is shared with Conduit or
other forks, we'll work with their teams to ensure that all affected projects
can release a fix at the same time.