Skip to content

Update SECURITY.md #7392

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update SECURITY.md #7392

wants to merge 1 commit into from
+103 −13

Conversation

@ThatGuyLLC
Copy link

The Security Council has approved a new SECURITY.md aligned with the bug-bounty process. Please update your project’s SECURITY.md with the correct links for your project and confirm that private vulnerability reporting is enabled for your repository. All bug bounty details found here:
https://opensourcecommittee.docs.intersectmbo.org/about/paid-open-source-model-posm/bug-bounty-program'

Pre-submit checklist:

  • Branch
    • Tests are provided (if possible)
    • Commit sequence broadly makes sense
    • Key commits have useful messages
    • Changelog fragments have been written (if appropriate)
    • Relevant tickets are mentioned in commit messages
    • Formatting, PNG optimization, etc. are updated
  • PR
    • (For external contributions) Corresponding issue exists and is linked in the description
    • Targeting master unless this is a cherry-pick backport
    • Self-reviewed the diff
    • Useful pull request description
    • Reviewer requested

@ThatGuyLLC
Update SECURITY.md
4039ced 
The Security Council has approved a new SECURITY.md aligned with the bug-bounty process. Please update your project’s SECURITY.md with the correct links for your project and confirm that private vulnerability reporting is enabled for your repository.
All bug bounty details found here:
https://opensourcecommittee.docs.intersectmbo.org/about/paid-open-source-model-posm/bug-bounty-program'
zliu41
zliu41 requested changes Oct 23, 2025
View reviewed changes
Copy link
Member

@zliu41 zliu41 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When someone drafts a security advisory, who will be notified, and how will they be notified?

SECURITY.md
If you discover a security vulnerability in xxxx, we encourage you to
responsibly disclose it to us. To report a vulnerability, please use
the [private reporting form on
GitHub](https://github.com/input-output-hk/mithril/security/advisories/new)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wrong repo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zliu41 zliu41 zliu41 requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ThatGuyLLC @zliu41