dapr
/
docs
mirror of https://github.com/dapr/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Simplify options

This commit is contained in:
Aaron Crawfis 2021-04-28 14:44:41 -07:00
parent 1e01fa40ee
commit 5d843699e2
1 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
daprdocs/content/en/operations/support/support-security-issues.md
View File

@ -10,10 +10,6 @@ The Dapr organization and team makes security a central focus of how we operate
## Reporting security issues
To report a security issue there are two options:
1. Disclose privately to the [Dapr Maintainers (dapr@dapr.io)](mailto:dapr@dapr.io?subject=[Security%20Disclosure]:%20ISSUE%20TITLE)
- Use this option if you find an issue in Dapr that needs to be patched ASAP.
- The Dapr maintainers will triage, patch, and send an annoucement within 30 days.
1. Report publicly via [GitHub issue](https://github.com/dapr/dapr/issues/new/choose)
- Use this option if there is a Dapr dependency or software package that needs to be patched or investigated (*eg. CodeCov disclosed a breach of their GitHub Action in April 2021).
- The Dapr maintainers will triage, resolve, and update the GitHub issue ASAP. Announcements will be made on a case-by-case basis.
To report a security issue, please privately email the [Dapr Maintainers (dapr@dapr.io)](mailto:dapr@dapr.io?subject=[Security%20Disclosure]:%20ISSUE%20TITLE)
The Dapr maintainers will triage and respond ASAP and then patch and send an annoucement within 30 days.