docs: update SECURITY.md

This commit is contained in:
naskya 2024-03-19 02:11:11 +09:00
parent 975598c91d
commit 7220cce8bc
No known key found for this signature in database
GPG key ID: 712D413B3A9FED5C

View file

@ -1,16 +1,5 @@
# Reporting Security Issues
## Minor Security Issues
If you discover a minor security issue in Firefish, please report it by sending an
email to [kainoa@t1c.dev](mailto:kainoa@t1c.dev).
## High Security Issues
If you discover a security issue, which is so high risk, that too much is affected by it, please dont send it over unencrypted communication. You can share your PGP keys with us using kainoa@t1c.dev and after we established a secure communication, send it over E-Mail, or message us using matrix' encrypted private messages at @t1c:matrix.fedibird.com or @cleo:tchncs.de
This will allow us to assess the risk, and make a fix available before we add a
bug report to the Codeberg repository.
If you discover a security issue, please report it as a confidential issue. You can create a confidential issue by checking the "This issue is confidential and should only be visible to team members with at least Reporter access." checkbox in <https://firefish.dev/firefish/firefish/-/issues/new>.
Thanks for helping make Firefish safe for everyone.