mirrors/wagtail
mirrors/wagtail
0
0
Fork 0
mirror of https://github.com/wagtail/wagtail.git synced 2024-11-21 18:09:02 +01:00
Code Issues Releases Wiki Activity

Move security.txt to wagtail.org (#9751)

Browse Source
This commit is contained in:
Jake Howard 2022-12-05 15:16:38 +00:00 committed by Matt Westcott
parent 5f870fbd13
commit a2e1becc49
4 changed files with 11 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/SECURITY.md vendored Normal file
View File

@ -0,0 +1,5 @@
# Security
See https://docs.wagtail.org/en/latest/contributing/security.html.
This information can also be found in our security.txt: https://wagtail.org/.well-known/security.txt

7
SECURITY.md
View File

@ -1,7 +0,0 @@
# Security
We take the security of Wagtail, and related packages we maintain, seriously. If you have found a security issue with any of our projects please email us at security@wagtail.org so we can work together to find and patch the issue. We appreciate responsible disclosure with any security related issues, so please contact us first before creating a Github issue.
If you want to send an encrypted email (optional), the public key ID for security@wagtail.org is [0xbed227b4daf93ff9](https://keyserver.ubuntu.com/pks/lookup?search=0xbed227b4daf93ff9&fingerprint=on&op=index), and this public key is available from most commonly-used keyservers.
This information can also be found in our security.txt: https://docs.wagtail.org/.well-known/security.txt

6
docs/contributing/security.md
View File

@ -1,5 +1,9 @@
# Reporting security issues
```{warning}
Ensure you are viewing our [latest security policy](https://docs.wagtail.org/en/latest/contributing/security.html).
```
```{note}
Please report security issues **only** to [security@wagtail.org](mailto:security@wagtail.org).
```
@ -13,6 +17,8 @@ Once you've submitted an issue via email, you should receive an acknowledgement
If you want to send an encrypted email (optional), the public key ID for <security@wagtail.org> is `0xbed227b4daf93ff9`, and this public key is available from most commonly-used keyservers.
This information can also be found in our [security.txt](https://wagtail.org/.well-known/security.txt).
Django security issues should be reported directly to the Django Project, following [Django's security policies](https://docs.djangoproject.com/en/dev/internals/security/) (upon which Wagtail's own policies are based).
## Supported versions

6
docs/public/.well-known/security.txt
View File

@ -1,6 +0,0 @@
Contact: mailto:security@wagtail.org
Preferred-Languages: en
Canonical: https://docs.wagtail.org/.well-known/security.txt
Encryption: https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x220b7102b615b692e37d886dbed227b4daf93ff9
Expires: 2024-01-27T19:43:00.000Z
Policy: https://github.com/wagtail/wagtail/security/policy