Commit c217ffd

Readme update with security policy
1 parent 99d1b46 commit c217ffd

2 files changed

+43
-0
lines changed

docs-website/docs/features/security.md

Lines changed: 31 additions & 0 deletions
@@ -313,3 +313,34 @@ cspNonce = 'your-random-nonce'; // Must match CSP policy
313313
:::tip
314314
The viewer is CSP-compliant by default. You only need the `cspNonce` input when using `customCSS` with strict CSP policies.
315315
:::
316+
317+
## 🚨 Reporting Security Vulnerabilities
318+
319+
We take security seriously and encourage responsible disclosure of security vulnerabilities.
320+
321+
### 🔒 Private Vulnerability Reporting
322+
323+
**Please do NOT report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
324+
325+
Instead, please report security vulnerabilities privately by:
326+
327+
- **📧 Email**: [[email protected]](mailto:[email protected])
328+
- **🔒 GitHub Security**: [Report a vulnerability](https://github.com/intbot/ng2-pdfjs-viewer/security/policy)
329+
- **📋 Security Policy**: [Full Security Policy](https://github.com/intbot/ng2-pdfjs-viewer/security/policy)
330+
331+
### 📝 What to Include
332+
333+
When reporting a vulnerability, please include:
334+
335+
- **Description**: Clear description of the vulnerability
336+
- **Steps to Reproduce**: Detailed steps to reproduce the issue
337+
- **Impact Assessment**: Potential impact and affected components
338+
- **Environment**: Browser, Angular version, ng2-pdfjs-viewer version
339+
- **Proof of Concept**: If applicable, include a minimal reproduction case
340+
- **Suggested Fix**: If you have ideas for a fix, please share them
341+
342+
### 🏆 Security Hall of Fame
343+
344+
We recognize security researchers who help improve ng2-pdfjs-viewer security. Contributors will be acknowledged in our security policy and documentation.
345+
346+
For complete security guidelines and reporting procedures, see our [Security Policy](https://github.com/intbot/ng2-pdfjs-viewer/security/policy).
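
Review bot: In the "Private Vulnerability Reporting" list, the "GitHub Security: Report a vulnerability" bullet and the "Security Policy: Full Security Policy" bullet both link to the same `/security/policy` URL, so the first one does not lead to a private report form. If private vulnerability reporting is enabled on the repository, point that bullet at `https://github.com/intbot/ng2-pdfjs-viewer/security/advisories/new`; otherwise drop it and keep the single policy link. The closing paragraph repeats the same link a third time and could be removed. The section also does not say when a reporter should expect an acknowledgement or which versions receive fixes; one line on each would make the policy actionable.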

lib/README.md

Lines changed: 12 additions & 0 deletions
@@ -939,6 +939,18 @@ This project is licensed under the **Apache License 2.0 + Commons Clause License
939939
<div align="center">
940940

941941

942+
## 🔒 Security
943+
944+
I take security of this library seriously. If you discover a security vulnerability, please report it privately:
945+
946+
- **🔒 Private Reporting**: [Security Policy](https://github.com/intbot/ng2-pdfjs-viewer/security/policy)
947+
- **📧 Email**: [[email protected]](mailto:[email protected])
948+
- **⚠️ Please do NOT** report security issues through public GitHub issues
949+
950+
For security best practices and vulnerability reporting guidelines, see our [Security Policy](https://github.com/intbot/ng2-pdfjs-viewer/security/policy).
951+
952+
---
953+
942954
[![GitHub](https://img.shields.io/badge/GitHub-Repository-blue?logo=github)](https://github.com/intbot/ng2-pdfjs-viewer)
943955
[![NPM](https://img.shields.io/badge/NPM-Package-red?logo=npm)](https://www.npmjs.com/package/ng2-pdfjs-viewer)
944956
[![Angular](https://img.shields.io/badge/Angular-Component-green?logo=angular)](https://angular.dev/overview)
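
Review bot: The new "## 🔒 Security" section is inserted after the `<div align="center">` context line and before the badge links, so it lands inside the centered footer block rather than in the README body. Move it above the `<div align="center">` line so the heading and bullet list render left-aligned like the other sections, and the trailing `---` then separates it from the footer instead of splitting the div. The wording also switches from "I take security" to "our Security Policy" within the section, while security.md uses "We"; pick one voice across both files.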
