diff --git a/content/manuals/dhi/about/_index.md b/content/manuals/dhi/about/_index.md index a449c40fab25..1bfa70100e62 100644 --- a/content/manuals/dhi/about/_index.md +++ b/content/manuals/dhi/about/_index.md @@ -20,6 +20,10 @@ params: description: Learn about the different image types, distributions, and variants offered in the Docker Hardened Images catalog. icon: view_module link: /dhi/about/available/ + - title: Questions, bugs, feedback + icon: question_exchange + description: We welcome all contributions and feedback — whether it’s a bug report, feature suggestion, or security concern. + link: /dhi/about/feedback --- Docker Hardened Images (DHIs) are purpose-built for security, compliance, and @@ -32,4 +36,4 @@ containerized workloads. {{< grid items="grid_about" ->}} \ No newline at end of file +>}} diff --git a/content/manuals/dhi/about/feedback.md b/content/manuals/dhi/about/feedback.md new file mode 100644 index 000000000000..ea07ef5e8111 --- /dev/null +++ b/content/manuals/dhi/about/feedback.md @@ -0,0 +1,40 @@ +--- +title: Questions, bugs, feedback +linkTitle: Feedback +description: How to interact with the DHI team +keywords: software supply chain security, feedback, bugs, discussion, questions +weight: 21 +--- + +Committed to maintaining the quality, security, and reliability of the Docker Hardened Images (DHI) +a repository has been created as a point of contact to encourage the community to collaborate +in improving the Hardened Images ecosystem. + +## Questions or discussions + +You can use the [GitHub Discussions board](https://github.com/docker-hardened-images/discussion) to engage with the DHI +team for + +- General questions about DHIs +- Best practices and recommendations +- Security tips and advice +- Show and tell your implementations +- Community announcements + +## Reporting Bugs or Issues + +You can [open a new issue](https://github.com/docker-hardened-images/discussion/issues/) for topics such as + +- Bug reports +- Feature requests +- Documentation improvements +- Security vulnerabilities (see security policy) + +It's encouraged to first search existing issues to see if it’s already been reported. +The DHI team reviews reports regularly and appreciates clear, actionable feedback. + +## Responsible Security Disclosure + +It is forbidden to post details of vulnerabilities before coordinated disclosure and resolution. + +If you discover a security vulnerability, kindly report it responsibly by following Docker’s [security disclosure](https://www.docker.com/trust/vulnerability-disclosure-policy/).