diff options
Diffstat (limited to 'vendor/github.com/lrstanley/girc/SECURITY.md')
| -rw-r--r-- | vendor/github.com/lrstanley/girc/SECURITY.md | 54 |
1 files changed, 0 insertions, 54 deletions
diff --git a/vendor/github.com/lrstanley/girc/SECURITY.md b/vendor/github.com/lrstanley/girc/SECURITY.md deleted file mode 100644 index 7c951d0c..00000000 --- a/vendor/github.com/lrstanley/girc/SECURITY.md +++ /dev/null @@ -1,54 +0,0 @@ -<!-- THIS FILE IS GENERATED! DO NOT EDIT! Maintained by Terraform. --> -# :old_key: Security Policy - -## :heavy_check_mark: Supported Versions - -The following restrictions apply for versions that are still supported in terms of security and bug fixes: - - * :grey_question: Must be using the latest major/minor version. - * :grey_question: Must be using a supported platform for the repository (e.g. OS, browser, etc), and that platform must - be within its supported versions (for example: don't use a legacy or unsupported version of Ubuntu or - Google Chrome). - * :grey_question: Repository must not be archived (unless the vulnerability is critical, and the repository moderately - popular). - * :heavy_check_mark: - -If one of the above doesn't apply to you, feel free to submit an issue and we can discuss the -issue/vulnerability further. - - -## :lady_beetle: Reporting a Vulnerability - -Best method of contact: [GPG :key:](https://github.com/lrstanley.gpg) - - * :speech_balloon: [Discord][chat]: message `/home/liam#0000`. - * :email: Email: `security@liamstanley.io` - -Backup contacts (if I am unresponsive after **48h**): [GPG :key:](https://github.com/FM1337.gpg) - * :speech_balloon: [Discord][chat]: message `Allen#7440`. - * :email: Email: `security@allenlydiard.ca` - -If you feel that this disclosure doesn't include a critical vulnerability and there is no sensitive -information in the disclosure, you don't have to use the GPG key. For all other situations, please -use it. - -### :stopwatch: Vulnerability disclosure expectations - - * :no_bell: We expect you to not share this information with others, unless: - * The maximum timeline for initial response has been exceeded (shown below). - * The maximum resolution time has been exceeded (shown below). - * :mag_right: We expect you to responsibly investigate this vulnerability -- please do not utilize the - vulnerability beyond the initial findings. - * :stopwatch: Initial response within 48h, however, if the primary contact shown above is unavailable, please - use the backup contacts provided. The maximum timeline for an initial response should be within - 7 days. - * :stopwatch: Depending on the severity of the disclosure, resolution time may be anywhere from 24h to 2 - weeks after initial response, though in most cases it will likely be closer to the former. - * If the vulnerability is very low/low in terms of risk, the above timelines **will not apply**. - * :toolbox: Before the release of resolved versions, a [GitHub Security Advisory][advisory-docs]. - will be released on the respective repository. [Browser all advisories here][advisory]. - -<!-- definitions --> -[chat]: https://liam.sh/chat -[advisory]: https://github.com/advisories?query=type%3Areviewed+ecosystem%3Ago -[advisory-docs]: https://docs.github.com/en/code-security/repository-security-advisories/creating-a-repository-security-advisory |