6 changes: 1 addition & 5 deletions SECURITY.md
Expand Up @@ -10,8 +10,4 @@
| < 4.0 | :x: |

## Reporting a Vulnerability
Tell them where to go, how often they can expect to get an update on a
reported vulnerability, what to expect if the vulnerability is accepted or
declined, etc.

*this section can be edited only by the original creator since i dont have access to this info*
Contact Info: (DEMO EMAIL aka TOBIAS EMAIL, OR EXTENSION Email)
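
Review bot: the added "Contact Info:" line at the end of "Reporting a Vulnerability" says whose address belongs there ("DEMO EMAIL aka TOBIAS EMAIL, OR EXTENSION Email") but contains no address, so with the template text above it dropped the section gives a reporter no usable channel. The deleted note says the author does not have this information, so hold the change until the original creator supplies a real contact. Prefer a shared role mailbox or a private reporting channel over one person's inbox, so that reports do not depend on a single maintainer.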

Copilot AI Jan 17, 2026

The "Reporting a Vulnerability" section now lacks important information that was present before. While the previous text was a placeholder, it indicated that this section should include details about where to report vulnerabilities, how often reporters can expect updates, and what to expect during the process. The new version only provides a placeholder for contact information but removes guidance about the vulnerability reporting process. Consider including clear instructions on how to report vulnerabilities, expected response times, and the triage process.

Suggested change
Contact Info: (DEMO EMAIL aka TOBIAS EMAIL, OR EXTENSION Email)
If you believe you have found a security vulnerability, please report it to us by emailing **security@example.com**.
When reporting, please include:
- A description of the vulnerability and its potential impact
- Steps to reproduce (proof-of-concept, scripts, or screenshots if possible)
- The affected version(s) and any relevant configuration details
- Any available logs or error messages that help us understand the issue
**Response and updates**
- We aim to acknowledge receipt of your report within **3 business days**.
- We will provide you with updates at key stages: when the issue is confirmed, when a fix is in development, and when a fix is released.
**Triage process**
- We review and validate the report to confirm the vulnerability.
- We assess severity and impact to prioritize remediation.
- We develop, test, and prepare a fix or mitigation.
- We coordinate disclosure with you, and we may credit you in release notes if you wish and if appropriate.

Copilot uses AI. Check for mistakes.

Copilot AI Jan 17, 2026

Inconsistent capitalization in the placeholder text. "DEMO EMAIL", "TOBIAS EMAIL" are in all caps while "Email" in "EXTENSION Email" has mixed case. If this placeholder text must remain temporarily, it should have consistent formatting.

Suggested change
Contact Info: (DEMO EMAIL aka TOBIAS EMAIL, OR EXTENSION Email)
Contact Info: (DEMO EMAIL aka TOBIAS EMAIL, OR EXTENSION EMAIL)


Copilot AI Jan 17, 2026

The SECURITY.md file is critical for establishing trust and providing a secure channel for vulnerability disclosure. Having placeholder text or incomplete information in this file could discourage security researchers from reporting vulnerabilities or lead to reports being sent through insecure channels. This file should be complete with actual contact information and clear reporting procedures before being merged.

Suggested change
Contact Info: (DEMO EMAIL aka TOBIAS EMAIL, OR EXTENSION Email)
To report a security vulnerability, please use the "Report a vulnerability" link on this repository's Security tab or email our security team at security-reports@example.org.
