-
-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs: Create SECURITY.md #5252
docs: Create SECURITY.md #5252
Conversation
SECURITY.md
Outdated
## Supported Versions | ||
|
||
Use this section to tell people about which versions of your project are | ||
currently being supported with security updates. | ||
|
||
| Version | Supported | | ||
| ------- | ------------------ | | ||
| 5.1.x | :white_check_mark: | | ||
| 5.0.x | :x: | | ||
| 4.0.x | :white_check_mark: | | ||
| < 4.0 | :x: | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe this doesn't belong to "Security" problem but something like "Maintance Timetable"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All of this information came off of a family members router page it was injected into the page and fonts with a bad certificate ..the whole page.
How can I get the vulnerabilities off of there?..
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All of this information came off of a family members router page it was injected into the page and fonts with a bad certificate ..the whole page. How can I get the vulnerabilities off of there?..
You can directly leave your info by sending a message directly to [email protected], he is the leader of the project, if u confirm this has something to do with the vulnerabilities, plz attach the img if possible.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe this doesn't belong to "Security" problem but something like "Maintance Timetable"?
Is there anything I can do to get this off my router login page and get it to stop touting through all my apps?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All of this information came off of a family members router page it was injected into the page and fonts with a bad certificate ..the whole page. How can I get the vulnerabilities off of there?..
You can directly leave your info by sending a message directly to [email protected], he is the leader of the project, if u confirm this has something to do with the vulnerabilities, plz attach the img if possible.
I have had it in there a long time I was trying to upload files so people would know what was put on there because of course every technician at Hughes net will say it's not their fault or they don't see a problem.. it looks like someone maybe be just spying/ routing my data
SECURITY.md
Outdated
## Reporting a Vulnerability | ||
|
||
Use this section to tell people how to report a vulnerability. | ||
|
||
Tell them where to go, how often they can expect to get an update on a | ||
reported vulnerability, what to expect if the vulnerability is accepted or | ||
declined, etc. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks nice to me, but it could be possible:
-
Please change the rough skeleton into a real, detailled security info article (Maybe this should wait for the response from the other members of Eggjs).
-
@eggjs/core :Any info or feedback email address of security info feedback? Where could we feedback if anything unsafe?
来晚了,挺好的,目前我们没有公共的邮箱,安全漏洞反馈联系人可以直接写我的邮箱 |
@SilverStars03:很可惜你的回复被关闭,我想再次帮助你打开,可否在得空的时候继续提供帮助呢?fengmk2已经提供了一个专门反馈安全的电邮。 |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #5252 +/- ##
=======================================
Coverage 99.86% 99.86%
=======================================
Files 36 36
Lines 3601 3601
Branches 516 516
=======================================
Hits 3596 3596
Misses 5 5 ☔ View full report in Codecov by Sentry. |
Checklist
npm test
passesAffected core subsystem(s)
Description of change