forked from extern/httpie-cli
Tweak SECURITY and add a Security policy section to docs
This commit is contained in:
parent
614866eeb2
commit
0a873172c9
18
SECURITY.md
18
SECURITY.md
@ -1,10 +1,14 @@
|
||||
# Security Policy
|
||||
# Security policy
|
||||
|
||||
## Reporting a Vulnerability
|
||||
## Reporting a vulnerability
|
||||
|
||||
To report a vulnerability, please send an email to `security@httpie.io` describing the:
|
||||
When you identify a vulnerability in HTTPie, please report it privately using one of the following channels:
|
||||
|
||||
- The description of the vulnerability itself
|
||||
- A short reproducer to verify it (you can submit a small HTTP server, a shell script, a docker image etc.)
|
||||
- The severity level classification (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
|
||||
- If associated with any, the [CWE](https://cwe.mitre.org/) ID.
|
||||
- Email to [`security@httpie.io`](mailto:security@httpie.io)
|
||||
- Report on [huntr.dev](https://huntr.dev/)
|
||||
|
||||
In addition to the description of the vulnerability, please include also:
|
||||
|
||||
- A short reproducer to verify it (it can be a small HTTP server, shell script, docker image, etc.)
|
||||
- Your deemed severity level of the vulnerability (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
|
||||
- [CWE](https://cwe.mitre.org/) ID, if available.
|
||||
|
@ -2532,6 +2532,10 @@ Helpers to convert from other client tools:
|
||||
|
||||
See [CONTRIBUTING](https://github.com/httpie/httpie/blob/master/CONTRIBUTING.md).
|
||||
|
||||
### Security policy
|
||||
|
||||
See [github.com/httpie/httpie/security/policy](https://github.com/httpie/httpie/security/policy).
|
||||
|
||||
### Change log
|
||||
|
||||
See [CHANGELOG](https://github.com/httpie/httpie/blob/master/CHANGELOG.md).
|
||||
|
Loading…
Reference in New Issue
Block a user