]> git.openstreetmap.org Git - rails.git/commitdiff
Add a basic security policy.
authorAndy Allan <git@gravitystorm.co.uk>
Wed, 3 Aug 2022 16:06:18 +0000 (17:06 +0100)
committerAndy Allan <git@gravitystorm.co.uk>
Wed, 3 Aug 2022 16:06:18 +0000 (17:06 +0100)
Fixes #3553

SECURITY.md [new file with mode: 0644]

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644 (file)
index 0000000..c1ad6e5
--- /dev/null
@@ -0,0 +1,9 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+We welcome any reports of security vulnerabilities, and we will respond to you quickly to acknowledge receipt.
+
+To report a vulnerability please email [the maintainers using this link](mailto:tom@compton.nu;openstreetmap-website@gravitystorm.co.uk;security@openstreetmap.org). This will also notify the security team for the main deployment of this software.
+
+Please note that we do not offer any bug bounties and we do not participate in any bug programs. If your security report is validated by us, then we are happy to credit you publicly in our issue tracker, on request.