|
2 | 2 |
|
3 | 3 | ## Introduction |
4 | 4 |
|
5 | | -The Cardano open source project (xxx) is committed to ensuring the security of |
6 | | -its software and the privacy of its users. We value the contributions |
7 | | -of the security community in helping us identify and address |
8 | | -vulnerabilities in our code. This Security Vulnerability Disclosure |
9 | | -Policy outlines how security vulnerabilities should be reported and |
10 | | -how we will respond to and remediate such reports. |
| 5 | +The Cardano open source project (`IntersectMBO/developer-experience`) is committed to ensuring the security of its software and the privacy of its users. We value the contributions of the security community in helping us identify and address vulnerabilities in our code. This Security Vulnerability Disclosure Policy outlines how security vulnerabilities should be reported and how we will respond to and remediate such reports. |
11 | 6 |
|
12 | 7 | ## Security Vulnerability Handling Process |
13 | 8 |
|
14 | 9 | ### Reporting a Vulnerability |
15 | 10 |
|
16 | | -If you discover a security vulnerability in xxxx, we encourage you to |
17 | | -responsibly disclose it to us. To report a vulnerability, please use |
18 | | -the [private reporting form on |
19 | | -GitHub](https://github.com/input-output-hk/mithril/security/advisories/new) |
20 | | -to draft a new _Security advisory_. |
| 11 | +If you discover a security vulnerability in the Developer Experience repository, we encourage you to responsibly disclose it to us. To report a vulnerability, please use |
| 12 | +the [private reporting form on GitHub](https://github.com/input-output-hk/mithril/security/advisories/new) to draft a new _Security advisory_. |
21 | 13 |
|
22 | 14 | Please include as much details as needed to clearly qualify the issue: |
23 | 15 |
|
24 | 16 | - A description of the vulnerability and its potential impact. |
25 | 17 | - Steps to reproduce the vulnerability. |
26 | | -- The version of `xxxx` package where the vulnerability exists. |
| 18 | +- The version of the package where the vulnerability exists. |
27 | 19 | - Any relevant proof-of-concept or exploit code (if applicable). |
28 | 20 |
|
29 | 21 | ### Processing Vulnerability |
@@ -90,17 +82,17 @@ report security vulnerabilities to us. |
90 | 82 | ## Contact Information |
91 | 83 |
|
92 | 84 | To report a security vulnerability, please use [GitHub |
93 | | -form ]( (add project github form for your project)). Should you experience any issues reporting via GitHub or have other questions, Please contact [Security]([email protected]). |
| 85 | +form ](https://github.com/input-output-hk/mithril/security/advisories/new). Should you experience any issues reporting via GitHub or have other questions, Please contact [email protected]. |
94 | 86 |
|
95 | 87 | ## Revision of Policy |
96 | 88 |
|
97 | 89 | This Security Vulnerability Disclosure Policy may be updated or |
98 | 90 | revised as necessary. Please check the latest version of this policy |
99 | | -on the [xxxx repository]((add link for your project)). |
| 91 | +on the [Developer Experience repository](https://github.com/IntersectMBO/developer-experience/blob/main/SECURITY.md). |
100 | 92 |
|
101 | 93 | ## Conclusion |
102 | 94 |
|
103 | | -The xxxx project greatly appreciates the assistance of the security |
| 95 | +The Developer Experience project greatly appreciates the assistance of the security |
104 | 96 | community in helping us maintain the security of our software while |
105 | 97 | upholding the highest standards of privacy. Together, we can work to |
106 | 98 | identify and address vulnerabilities, ensuring a safer and more secure |
|
0 commit comments