docs: Create SECURITY.md #5252
docs: Create SECURITY.md #5252
Conversation
SECURITY.md
Outdated
| ## Supported Versions | ||
|
|
||
| Use this section to tell people about which versions of your project are | ||
| currently being supported with security updates. | ||
|
|
||
| | Version | Supported | | ||
| | ------- | ------------------ | | ||
| | 5.1.x | :white_check_mark: | | ||
| | 5.0.x | :x: | | ||
| | 4.0.x | :white_check_mark: | | ||
| | < 4.0 | :x: | |
There was a problem hiding this comment.
Maybe this doesn't belong to "Security" problem but something like "Maintance Timetable"?
There was a problem hiding this comment.
All of this information came off of a family members router page it was injected into the page and fonts with a bad certificate ..the whole page.
How can I get the vulnerabilities off of there?..
There was a problem hiding this comment.
All of this information came off of a family members router page it was injected into the page and fonts with a bad certificate ..the whole page. How can I get the vulnerabilities off of there?..
You can directly leave your info by sending a message directly to fengmk2@gmail.com, he is the leader of the project, if u confirm this has something to do with the vulnerabilities, plz attach the img if possible.
There was a problem hiding this comment.
Maybe this doesn't belong to "Security" problem but something like "Maintance Timetable"?
Is there anything I can do to get this off my router login page and get it to stop touting through all my apps?
There was a problem hiding this comment.
All of this information came off of a family members router page it was injected into the page and fonts with a bad certificate ..the whole page. How can I get the vulnerabilities off of there?..
You can directly leave your info by sending a message directly to fengmk2@gmail.com, he is the leader of the project, if u confirm this has something to do with the vulnerabilities, plz attach the img if possible.
I have had it in there a long time I was trying to upload files so people would know what was put on there because of course every technician at Hughes net will say it's not their fault or they don't see a problem.. it looks like someone maybe be just spying/ routing my data
SECURITY.md
Outdated
| ## Reporting a Vulnerability | ||
|
|
||
| Use this section to tell people how to report a vulnerability. | ||
|
|
||
| Tell them where to go, how often they can expect to get an update on a | ||
| reported vulnerability, what to expect if the vulnerability is accepted or | ||
| declined, etc. |
There was a problem hiding this comment.
This looks nice to me, but it could be possible:
-
Please change the rough skeleton into a real, detailled security info article (Maybe this should wait for the response from the other members of Eggjs).
-
@eggjs/core :Any info or feedback email address of security info feedback? Where could we feedback if anything unsafe?
|
来晚了,挺好的,目前我们没有公共的邮箱,安全漏洞反馈联系人可以直接写我的邮箱 |
|
@SilverStars03:很可惜你的回复被关闭,我想再次帮助你打开,可否在得空的时候继续提供帮助呢?fengmk2已经提供了一个专门反馈安全的电邮。 |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #5252 +/- ##
=======================================
Coverage 99.86% 99.86%
=======================================
Files 36 36
Lines 3601 3601
Branches 516 516
=======================================
Hits 3596 3596
Misses 5 5 ☔ View full report in Codecov by Sentry. |
Checklist
npm testpassesAffected core subsystem(s)
Description of change