@npmcli/template-oss 4.8.0 → 4.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/content/SECURITY.md +12 -1
- package/package.json +1 -1
package/lib/content/SECURITY.md
CHANGED
|
@@ -1 +1,12 @@
|
|
|
1
|
-
|
|
1
|
+
GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
|
|
2
|
+
|
|
3
|
+
If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
|
|
4
|
+
|
|
5
|
+
If the vulnerability you have found is *not* [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) or if you do not wish to be considered for a bounty reward, please report the issue to us directly using [private vulnerability reporting](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
|
|
6
|
+
|
|
7
|
+
If the vulnerability you have found is [in scope for the GitHub Bug Bounty Program](https://bounty.github.com/#scope) and you would like for your finding to be considered for a bounty reward, please submit the vulnerability to us through [HackerOne](https://hackerone.com/github) in order to be eligible to receive a bounty award.
|
|
8
|
+
|
|
9
|
+
**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
|
|
10
|
+
|
|
11
|
+
Thanks for helping make GitHub safe for everyone.
|
|
12
|
+
|