Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-16 21:56:25 -05:00
Code Issues Activity

chore: format md

Browse source
This commit is contained in:
Juan Picado 2021-04-26 08:03:55 +02:00
parent 9a2f4a4667
commit 6791c2bcfa
1 changed files with 9 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
SECURITY.md
View file

@ -4,14 +4,13 @@
The following table describes the versions of this project that are currently supported with security updates:
| Version | Supported |
| ------- | ------------------ |
| 2.x | :x: |
| 3.x | :x: |
| 4.x | :white_check_mark: (until 1st July 2021) |
| 5.x | :white_check_mark: |
| 6.x alpha | :x: |
| Version | Supported |
| --------- | ---------------------------------------- |
| 2.x | :x: |
| 3.x | :x: |
| 4.x | :white_check_mark: (until 1st July 2021) |
| 5.x | :white_check_mark: |
| 6.x alpha | :x: |
## Responsible disclosure security policy
@ -29,11 +28,11 @@ At Verdaccio, we consider the security of our systems a top priority. But no mat
If you discover a security vulnerability, please use one of the following means of communications to report it to us:
* Report the security issue to the Node.js Security WG through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.
- Report the security issue to the Node.js Security WG through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.
Note that time-frame and processes are subject to each programs own policy.
* Report the security issue to the project maintainers directly at verdaccio@pm.me. If the report contains highly sensitive information, please be advised to encrypt your findings using our [PGP key](https://verdaccio.nyc3.digitaloceanspaces.com/gpg/publickey.verdaccio@pm.me.asc) which is also available in this document.
- Report the security issue to the project maintainers directly at verdaccio@pm.me. If the report contains highly sensitive information, please be advised to encrypt your findings using our [PGP key](https://verdaccio.nyc3.digitaloceanspaces.com/gpg/publickey.verdaccio@pm.me.asc) which is also available in this document.
Your efforts to responsibly disclose your findings are sincerely appreciated and will be taken into account to acknowledge your contributions.