httpie-cli/SECURITY.md

# Security policy

## Reporting a vulnerability

When you identify a vulnerability in HTTPie, please report it privately using one of the following channels:

- Email to [`security@httpie.io`](mailto:security@httpie.io)
- Report on [huntr.dev](https://huntr.dev/)

In addition to the description of the vulnerability, include the following information:

- A short reproducer to verify it (it can be a small HTTP server, shell script, docker image, etc.)
- Your deemed severity level of the vulnerability (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
- [CWE](https://cwe.mitre.org/) ID, if available.
Tweak SECURITY and add a Security policy section to docs 2022-03-07 20:55:51 +01:00			`# Security policy`
Apply suggestions from the review 2022-03-04 12:09:16 +01:00
Tweak SECURITY and add a Security policy section to docs 2022-03-07 20:55:51 +01:00			`## Reporting a vulnerability`
Apply suggestions from the review 2022-03-04 12:09:16 +01:00
Tweak SECURITY and add a Security policy section to docs 2022-03-07 20:55:51 +01:00			`When you identify a vulnerability in HTTPie, please report it privately using one of the following channels:`
Apply suggestions from the review 2022-03-04 12:09:16 +01:00
Tweak SECURITY and add a Security policy section to docs 2022-03-07 20:55:51 +01:00			- Email to [`security@httpie.io`](mailto:security@httpie.io)
			`- Report on [huntr.dev](https://huntr.dev/)`

Tweak 2022-03-07 20:57:03 +01:00			`In addition to the description of the vulnerability, include the following information:`
Tweak SECURITY and add a Security policy section to docs 2022-03-07 20:55:51 +01:00
			`- A short reproducer to verify it (it can be a small HTTP server, shell script, docker image, etc.)`
			- Your deemed severity level of the vulnerability (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
			`- [CWE](https://cwe.mitre.org/) ID, if available.`