From 6dc93806a80ad807dd715ab3d15a2639633cd619 Mon Sep 17 00:00:00 2001 From: Max Goedjen Date: Mon, 1 Sep 2025 18:46:06 -0700 Subject: [PATCH] Enable GitHub private security issue reporting and update policies (#653) * Revise security vulnerability reporting process Updated security reporting instructions in README.md. * Change vulnerability reporting email to GitHub feature Updated the vulnerability reporting method to use GitHub's private reporting feature. --- README.md | 2 +- SECURITY.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 50d8cd1..66d2b04 100644 --- a/README.md +++ b/README.md @@ -61,4 +61,4 @@ Because secrets in the Secure Enclave are not exportable, they are not able to b ## Security -If you discover any vulnerabilities in this project, please notify [max.goedjen@gmail.com](mailto:max.goedjen@gmail.com) with the subject containing "SECRETIVE SECURITY." +Secretive's security policy is detailed in [SECURITY.md](SECURITY.md). To report security issues, please use [GitHub's private reporting feature.](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) diff --git a/SECURITY.md b/SECURITY.md index 94d1da3..63412c6 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -24,4 +24,4 @@ The latest version on the [Releases page](https://github.com/maxgoedjen/secretiv ## Reporting a Vulnerability -If you discover any vulnerabilities in this project, please notify max.goedjen@gmail.com with the subject containing "SECRETIVE SECURITY." +To report security issues, please use [GitHub's private reporting feature.](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability)