mirror of
https://github.com/ipfs/kubo.git
synced 2025-05-17 06:57:40 +08:00
b6ded334ec
* docs: add SECURITY.md This moves existing security policy from README to SECURITY.md which has a special meaning on Github: https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository * style: editoral fix Co-authored-by: Steve Loeppky <biglep@protocol.ai>
21 lines
848 B
Markdown
21 lines
848 B
Markdown
# Security Policy
|
|
|
|
The IPFS protocol and its implementations are still in heavy development. This
|
|
means that there may be problems in our protocols, or there may be mistakes in
|
|
our implementations. We take security
|
|
vulnerabilities very seriously. If you discover a security issue, please bring
|
|
it to our attention right away!
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
If you find a vulnerability that may affect live deployments -- for example, by
|
|
exposing a remote execution exploit -- please **send your report privately** to
|
|
security@ipfs.io. Please **DO NOT file a public issue**.
|
|
|
|
If the issue is a protocol weakness that cannot be immediately exploited or
|
|
something not yet deployed, just discuss it openly.
|
|
|
|
## Reporting a non security bug
|
|
|
|
For non-security bugs, please simply file a GitHub [issue](https://github.com/ipfs/go-ipfs/issues/new/choose).
|