cybercyst/jj
1
0
Fork 0
mirror of https://github.com/martinvonz/jj.git synced 2025-05-05 15:32:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
jj/SECURITY.md
Ilya Grigoriev 6c2ad68330 SECURITY.md: insert an explicit URL 
The previous "on this page" statement is wrong more often than not.
Unfortunately there is no "Report a vulnerability" button on
https://github.com/jj-vcs/jj/security/policy, and looking for such a
button from https://github.com/jj-vcs/jj?tab=security-ov-file leads to
confusion.

This is not the end of the world, but I don't see much security downside
to clarifying it (that is, I don't think *not* having a link protects
against phishing in any real way).
2025-02-07 05:09:28 +00:00

507 B
Raw Blame History

To report a security issue, please use the "Report a vulnerability" button on GitHub's Security tab for jj's main repo, under Advisories.

Our vulnerability management team will respond within 3 working days of your report. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.

Feel free to email Jujutsu VCS Security at jj-security@googlegroups.com if you have questions.