Skip to content

add security policy #637

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
drakkan merged 1 commit into from
Oct 6, 2025
Merged

add security policy #637

drakkan merged 1 commit into from
Oct 6, 2025
+13 −0

Conversation

@drakkan
Copy link
Collaborator

@drakkan drakkan commented Oct 6, 2025

This should enable reporting private security issues via GitHub

@puellanivis
Copy link
Collaborator

puellanivis commented Oct 6, 2025

Great idea! While we offload our transport security to ssh, we of course, should still take security seriously within our own functionality.

@drakkan drakkan merged commit ff15937 into pkg:master Oct 6, 2025
4 checks passed
@drakkan
Copy link
Collaborator Author

drakkan commented Oct 6, 2025
edited
Loading

For some reason the "Report a vulnerability" is still missing. See for example here: https://github.com/drakkan/sftpgo/security.

It must be enabled, see here.

@puellanivis
Copy link
Collaborator

puellanivis commented Oct 6, 2025

I do see it now, so 👍

@drakkan
Copy link
Collaborator Author

drakkan commented Oct 6, 2025

I do see it now, so 👍

Hmm, that’s odd, I’m still getting a 404 when I open this link

@puellanivis
Copy link
Collaborator

puellanivis commented Oct 7, 2025

Oh, I looked at the link you linked rather than on our own project’s page. 😐

@drakkan
Copy link
Collaborator Author

drakkan commented Oct 8, 2025

I don’t have the necessary permissions to change the settings myself

Screenshot From 2025-10-08 18-55-38

@puellanivis
Copy link
Collaborator

puellanivis commented Oct 12, 2025

I also do not have permissions.

@drakkan drakkan mentioned this pull request Oct 30, 2025
Merged
@eikenb
Copy link
Member

eikenb commented Nov 7, 2025

I also do not have permissions.

You should have them now. I've added you as an Admin. Sorry about that, didn't realize I was the last admin standing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@puellanivis puellanivis puellanivis approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@drakkan @puellanivis @eikenb