💬 Discussion | Add Security Policy (SECURITY.MD) #988
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#988
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Since privacytools.io has somewhat recently become a service provider, I suggest we have an official bug reporting policy.
I know we entirely/mostly host existing projects, but it is possible we could have misconfigurations in the server or hosted software. Since we are handling private information, we should have an avenue for people to report issues.
Github supports adding a security policy file to projects: see docs on this. The policy would be visible in the file and here
Secondarily, I suggest we add a security.txt file on the main website, which is a recent standard. I could see an argument to not add this file because it arguably results in few productive reports, as indicated by this hacker news discussion
Obviously, a few things would have to be out of scope:
@JonahAragon