Enable GitHub private security issue reporting and update policies (#653)

* Revise security vulnerability reporting process Updated security reporting instructions in README.md. * Change vulnerability reporting email to GitHub feature Updated the vulnerability reporting method to use GitHub's private reporting feature.
2025-09-05 03:50:58 +00:00 · 2025-09-01 18:46:06 -07:00 · 2025-09-01 18:46:06 -07:00 · 6dc93806a8
commit 6dc93806a8
parent 99a6d48e53
2 changed files with 2 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -61,4 +61,4 @@ Because secrets in the Secure Enclave are not exportable, they are not able to b

 ## Security

-If you discover any vulnerabilities in this project, please notify [max.goedjen@gmail.com](mailto:max.goedjen@gmail.com) with the subject containing "SECRETIVE SECURITY."
+Secretive's security policy is detailed in [SECURITY.md](SECURITY.md). To report security issues, please use [GitHub's private reporting feature.](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability)
--- a/SECURITY.md
+++ b/SECURITY.md
@ -24,4 +24,4 @@ The latest version on the [Releases page](https://github.com/maxgoedjen/secretiv

 ## Reporting a Vulnerability

-If you discover any vulnerabilities in this project, please notify max.goedjen@gmail.com with the subject containing "SECRETIVE SECURITY."
+To report security issues, please use [GitHub's private reporting feature.](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability)