diff options
| -rw-r--r-- | SECURITY.md | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/SECURITY.md b/SECURITY.md index 7d1e0166c9..9d1ecf35ab 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,9 +2,16 @@ ## Reporting a vulnerability -If you want to report a security issue, please privately disclose the issue to the vim-security mailing list -vim-security@googlegroups.com - -This is a private list, read only by the maintainers, but anybody can post, after moderation. +If you want to report a security issue, please privately disclose the issue either via: +- The vim-security mailing list: vim-security@googlegroups.com + This is a private list, read only by the maintainers, but anybody can post. +- [GitHub Security Advisories](https://github.com/vim/vim/security/advisories/new) **Please don't publicly disclose the issue until it has been addressed by us.** + +## Guidelines for reporting +- Clearly explain **why** the behaviour is a security issue, not just that a bug exists. +- Keep reports concise and focused. +- Do not flood us with a list of issues. Report them one by one to ensure to not overwhelm us with the work load. +- Do **not** submit AI-generated reports without carefully reviewing them first. Low-quality or + speculative reports waste maintainer time and will be closed without action, and repeat offenders **will be banned**. |