diff options
| author |  dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 2024-07-08 07:34:39 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2024-07-08 07:34:39 +0000 |
| commit | 5769722c583474d9ea3e346a7773261738245268 (patch) | |
| tree | 91f35f10c92ac85092857e7c618a8a2377dd11fe /vendor/github.com/microcosm-cc/bluemonday/SECURITY.md | |
| parent | [chore]: Bump golang.org/x/crypto from 0.24.0 to 0.25.0 (#3080) (diff) | |
| download | gotosocial-5769722c583474d9ea3e346a7773261738245268.tar.xz | |
[chore]: Bump github.com/microcosm-cc/bluemonday from 1.0.26 to 1.0.27 (#3081)
Diffstat (limited to 'vendor/github.com/microcosm-cc/bluemonday/SECURITY.md')
| -rw-r--r-- | vendor/github.com/microcosm-cc/bluemonday/SECURITY.md | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/vendor/github.com/microcosm-cc/bluemonday/SECURITY.md b/vendor/github.com/microcosm-cc/bluemonday/SECURITY.md index a344e7c05..682364e37 100644 --- a/vendor/github.com/microcosm-cc/bluemonday/SECURITY.md +++ b/vendor/github.com/microcosm-cc/bluemonday/SECURITY.md @@ -4,12 +4,10 @@ Latest tag and tip are supported. -Older tags remain present but changes result in new tags and are not back ported... please verify any issue against the latest tag and tip. +Changes are not backported, please verify any issue against the latest tag and tip. ## Reporting a Vulnerability -Email: <bluemonday@buro9.com> +Report vulnerabilities either via [GitHub's private reporting flow](https://github.com/microcosm-cc/bluemonday/security/advisories/new) or via email to the security@ alias of geomys.org. -Bluemonday is pure OSS and not maintained by a company. As such there is no bug bounty program but security issues will be taken seriously and resolved as soon as possible. - -The maintainer lives in the United Kingdom and whilst the email is monitored expect a reply or ACK when the maintainer is awake. +There is no bug bounty program but security issues will be taken seriously and resolved as soon as possible. |