You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/pages/security.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,12 +17,12 @@ The maintainers reserve the right to make a pragmatic decision to make adjustmen
17
17
:::caution
18
18
🚨 To report a vulnerability, **DO NOT open a pull request or issue or GitHub discussion. DO NOT post publicly.**
19
19
20
-
Instead, **report the vulnerability privately** via the Security tab on the [graphql-java GitHub repository](https://github.com/graphql-java/graphql-java). See instructions at [https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
20
+
Instead, **report the vulnerability privately** via the **Security tab** on the [graphql-java GitHub repository](https://github.com/graphql-java/graphql-java/security). See instructions at [https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
21
21
:::
22
22
23
23
## Disclosure policy
24
-
The GraphQL Java maintainers will collaborate with those who report vulnerabilities privately via the [GitHub vulnerability reporting form](https://www.graphql-java.com/security).
25
-
We will acknowledge and review vulnerability reports as soon as we can. To protect the community, please do not publicly disclose the vulnerability.
24
+
The GraphQL Java maintainers will collaborate with those who report vulnerabilities privately via the [GitHub vulnerability reporting form](https://github.com/graphql-java/graphql-java/security).
25
+
We will acknowledge and review vulnerability reports as soon as we can. **To protect the community, please do not publicly disclose the vulnerability.**
26
26
The maintainers will make a public announcement after the vulnerability is fixed.
27
27
28
28
Please allow time for the maintainers to review vulnerability reports, please note we are an open source project run by volunteers.
0 commit comments