Skip to content

Ruby now uses HackerOne for managing security vulnerability reports #1410

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 5, 2016
Merged

Ruby now uses HackerOne for managing security vulnerability reports #1410

merged 1 commit into from
Jul 5, 2016

Conversation

reedloden
Copy link
Contributor

Update security documentation to point to https://hackerone.com/ruby.

@reedloden
Copy link
Contributor Author

@tenderlove here you go :)

@hsbt
Copy link
Member

hsbt commented Jun 17, 2016

We are coordinating to use HackerOne now. Please wait to merge this.

@hsbt hsbt self-assigned this Jun 17, 2016
@shugo
Copy link
Member

shugo commented Jun 24, 2016

We should warn that only vulnerabilities of Ruby (not the website), should be reported to Hacker One, shouldn't we?

@zzak
Copy link
Member

zzak commented Jun 24, 2016

@shugo Yes, I think we should also clarify what kind of vulnerabilities should be reported

@reedloden reedloden force-pushed the security-uses-hackerone branch from feb17bb to 21751f1 Compare June 24, 2016 16:31
@reedloden
Copy link
Contributor Author

@shugo / @zzak -- I made a few changes to the text, but please feel free to provide additional language. I see you all have already made some changes to https://hackerone.com/ruby to note the scope and type of vulns.

@reedloden reedloden force-pushed the security-uses-hackerone branch from 21751f1 to a55ca9c Compare June 24, 2016 16:42
stomar
stomar reviewed Jun 26, 2016
View reviewed changes
en/security/index.md
an issue. Any valid reported problems will be published after fixes.

If you have found an issue affecting one of our websites, please
report it [here](https://github.com/ruby/www.ruby-lang.org/issues/new).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[here] -> [on GitHub] or similar

@reedloden reedloden force-pushed the security-uses-hackerone branch from a55ca9c to a770e1c Compare June 26, 2016 10:31
@reedloden
Copy link
Contributor Author

@stomar updated :)

@reedloden
Copy link
Contributor Author

Anything else blocking this, or can we get this merged? (cc @hsbt)

@hsbt
Copy link
Member

hsbt commented Jul 5, 2016

@reedloden Thank you for your update.

I confirmed your changes. It is enough for our report line. I appreciate it

@hsbt hsbt merged commit 3b5298e into ruby:master Jul 5, 2016
@yous yous mentioned this pull request Jun 3, 2022
Closed
riseshia added a commit to riseshia/www.ruby-lang.org that referenced this pull request Dec 30, 2022
@riseshia
Follow up "/en/security/index.md" (ruby#1410, ruby#2857)
f590bfe
@riseshia riseshia mentioned this pull request Dec 30, 2022
Merged
riseshia added a commit that referenced this pull request Jan 1, 2023
@riseshia @yous
Follow up documents changes (ko) (#2945)
f524041 
* Follow up "Add Remote Ruby podcasts" (#2732)

* Follow up "Updated Basecamp's success story details" (#2784)

* Follow up "Update index.md" (#2899)

* Follow up "/en/security/index.md" (#1410, #2857)

* Apply suggestions from code review

Co-authored-by: Chayoung You <yousbe@gmail.com>

* Give more detail about link

Co-authored-by: Chayoung You <yousbe@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@hsbt hsbt

Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@reedloden @hsbt @shugo @zzak @stomar