You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: SECURITY.md
+7-1Lines changed: 7 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,4 +5,10 @@
5
5
Until Trillium reaches 1.0, only the most recent release will be certainly be supported for security updates, but an effort will be made to backport critical patches when possible.
6
6
7
7
## Reporting a Vulnerability
8
-
To report a vulnerability, email [hi@jbr.me](mailto:hi@jbr.me)
8
+
9
+
To report a vulnerability, email [hi@jbr.me](mailto:hi@jbr.me) and/or contact me on [signal](https://signal.group/#CjQKIAarILo8OPFVt2qMCYgtDsPwOwwf_zVkZcDi7HEnF-BUEhAOAw28LIdxCfjbSiOJ36jB). The latter is an experiment, so please follow up by email additionally for now.
10
+
11
+
Feel free to [draft a GitHub Security Advisory](https://github.com/trillium-rs/trillium/security/advisories/new) in addition to the above.
12
+
13
+
> [!IMPORTANT]
14
+
> Please do not _exclusively_ file a GitHub security advisory without also reaching out on another channel. GitHub's notifications for draft security advisories are inadequate and too easily missed.
0 commit comments