Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Who to contact for security issues #67

Open
benharvie opened this issue Oct 29, 2022 · 3 comments
Open

Who to contact for security issues #67

benharvie opened this issue Oct 29, 2022 · 3 comments

Comments

@benharvie
Copy link

Hello 👋

I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@evanottinger) has found a potential issue, which I would be eager to share with you.

Could you add a SECURITY.md file with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.

Looking forward to hearing from you 👍

(cc @huntr-helper)

@ethanchewy
Copy link
Owner

sure - feel free to shoot me an email at [email protected]

I published this back in 2016 so haven't been too active maintaining it but happy to hear any feedback.

@ethanchewy
Copy link
Owner

Ålso feel free to open a PR with the security fix you have in mind. In the readme, I do mention alternatives that users can use to better secure their own version of PythonBuddy.

@ethanchewy
Copy link
Owner

I couldn't open the link that you sent via email. It times out when I copy and paste it in incognito.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants