add: feedback-dhi

blueprismo · blueprismo · commit 9a94390b6ca0 · 2025-10-05T12:03:32.000+02:00
diff --git a/content/manuals/dhi/about/_index.md b/content/manuals/dhi/about/_index.md
@@ -20,6 +20,10 @@ params:
       description: Learn about the different image types, distributions, and variants offered in the Docker Hardened Images catalog.
       icon: view_module
       link: /dhi/about/available/
+    - title: Questions, bugs, feedback
+      icon: question_exchange
+      description: We welcome all contributions and feedback — whether it’s a bug report, feature suggestion, or security concern.
+      link: /dhi/about/feedback 
 ---
 
 Docker Hardened Images (DHIs) are purpose-built for security, compliance, and
@@ -32,4 +36,4 @@ containerized workloads.
 
 {{< grid
   items="grid_about"
->}}
+>}}
diff --git a/content/manuals/dhi/about/feedback.md b/content/manuals/dhi/about/feedback.md
@@ -0,0 +1,40 @@
+---
+title: Questions, bugs, feedback
+linkTitle: Feedback
+description: How to interact with the DHI team
+keywords: software supply chain security, feedback, bugs, discussion, questions
+weight: 21 
+---
+
+We’re committed to maintaining the quality, security, and reliability of the Docker Hardened Images (DHI).  
+As part of that commitment, we encourage the community to collaborate with us in improving the Hardened Images ecosystem.
+
+## Questions or discussions
+
+You can use the [GitHub Discussions board](https://github.com/docker-hardened-images/discussion) to engage with the DHI
+team for 
+
+- General questions about DHIs
+- Best practices and recommendations
+- Security tips and advice
+- Show and tell your implementations
+- Community announcements
+
+## Reporting Bugs or Issues
+
+You can [open a new issue](https://github.com/docker-hardened-images/discussion/issues/) for topics such as
+
+- Bug reports
+- Feature requests
+- Documentation improvements
+- Security vulnerabilities (see security policy)
+
+We encourage to first search existing issues to see if it’s already been reported.
+Our team reviews reports regularly and appreciates clear, actionable feedback.
+
+## Responsible Security Disclosure
+
+It is forbidden to post details of vulnerabilities before coordinated disclosure and resolution.
+
+If you discover a security vulnerability, please report it responsibly by following Docker’s [security disclosure](https://www.docker.com/trust/vulnerability-disclosure-policy/).  
+
