diff --git a/.github/contributing.md b/.github/contributing.md index 7bd4a3108a0406beaa314a552ccfb0b63567c1c8..25334dde004996dbde42ceedf9b140d07a89281d 100644 --- a/.github/contributing.md +++ b/.github/contributing.md @@ -1,9 +1,12 @@ # Contributing -## Security +## Security / Disclosure -If you think you've found a **security issue**, please do not mention it in this repository. -Instead, email renovate-disclosure@whitesourcesoftware.com with as much details as possible so that it can be handled confidentially. +If you find any bug with Renovate that may be a security problem, then e-mail us at: [renovate-disclosure@whitesourcesoftware.com](mailto:renovate-disclosure@whitesourcesoftware.com). +This way we can evaluate the bug and hopefully fix it before it gets abused. +Please give us enough time to investigate the bug before you report it anywhere else. + +Please do not create GitHub issues for security-related doubts or problems. ## Support diff --git a/SECURITY.md b/SECURITY.md index b3e5f84f1cbf0e9ec5570293a7843b0a5ab7b7ae..db800d4a0e3f738c0d69eddbdb8b1b87bf1dd347 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,4 +1,7 @@ -# Security Policy +# Security / Disclosure -Please send an email to [renovate-disclosure@whitesourcesoftware.com](mailto:renovate-disclosure@whitesourcesoftware.com) describing what you have found. -Please do not raise an issue in this repository or publicize your concern in any other forum without giving us adequate time to investigate first. +If you find any bug with Renovate that may be a security problem, then e-mail us at: [renovate-disclosure@whitesourcesoftware.com](mailto:renovate-disclosure@whitesourcesoftware.com). +This way we can evaluate the bug and hopefully fix it before it gets abused. +Please give us enough time to investigate the bug before you report it anywhere else. + +Please do not create GitHub issues for security-related doubts or problems. 
diff --git a/readme.md b/readme.md index 2f5f52a8673974c8099b51ddd10373e03b7d6a71..7af8adea10e7edf2ba30fba71255d52e3f06bef0 100644 --- a/readme.md +++ b/readme.md @@ -108,7 +108,8 @@ If you want to contribute to Renovate or get a local copy running, please read t ## Security / Disclosure -If you find any important bug with Renovate that may be a security problem, then e-mail us at: renovate-disclosure@whitesourcesoftware.com. +If you find any bug with Renovate that may be a security problem, then e-mail us at: [renovate-disclosure@whitesourcesoftware.com](mailto:renovate-disclosure@whitesourcesoftware.com). This way we can evaluate the bug and hopefully fix it before it gets abused. +Please give us enough time to investigate the bug before you report it anywhere else. Please do not create GitHub issues for security-related doubts or problems.
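Review bot: In the `.github/contributing.md` hunk, the replacement text drops two things the removed lines gave reporters: the request to include "as much details as possible" and the statement that the report will be "handled confidentially". Neither is restated in the added lines, so a reporter reading only this file no longer knows what to put in the e-mail or how it will be treated. Consider keeping one sentence asking for details of the bug and noting that reports are handled confidentially.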
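Review bot: In the `SECURITY.md` hunk, "Please give us enough time to investigate the bug before you report it anywhere else" leaves "enough time" undefined, just as "adequate time" was in the line it replaces. Since this file is the policy itself, it would help to say what a reporter can expect after e-mailing (for example, that the report will be acknowledged and roughly when), so they can judge when the request has been met. The removed line also asked the reporter to describe what they found; the new text no longer asks for any content in the report.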
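Review bot: In the `readme.md` hunk, the "Security / Disclosure" paragraph is now a third copy of the same four sentences added to `.github/contributing.md` and `SECURITY.md` in this patch. The pre-patch versions of these files had already drifted apart (for instance "any important bug" here versus "a **security issue**" in contributing.md), and three copies invite that again. Consider keeping the full text in `SECURITY.md` only and having `readme.md` and `.github/contributing.md` link to it.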