From 1a641f6e1113ca40524d4cf545683f6665a76428 Mon Sep 17 00:00:00 2001 From: Davin Chia Date: Thu, 18 Aug 2022 11:46:01 -0700 Subject: [PATCH] Update Disclosure Policy (#15765) * Update disclosure. * Add static to everything. --- README.md | 10 ++++++++-- docs/readme.md | 7 +++++++ 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9d25fedb7ab..1564b51d34f 100644 --- a/README.md +++ b/README.md @@ -60,11 +60,17 @@ For general help using Airbyte, please refer to the official Airbyte documentati * [Twitter](https://twitter.com/airbytehq) \(Get the news fast\) * [Weekly office hours](https://airbyte.io/weekly-office-hours/) \(Live informal 30-minute video call sessions with the Airbyte team\) +## Reporting Vulnerabilities +⚠️ Please do not file GitHub issues or post on our public forum for security vulnerabilities as they are public! ⚠️ + +Airbyte takes security issues very seriously. If you have any concern around Airbyte or believe you have uncovered a vulnerability, please get in touch via the e-mail address security@airbyte.io. In the message, try to provide a description of the issue and ideally a way of reproducing it. The security team will get back to you as soon as possible. + +Note that this security address should be used only for undisclosed vulnerabilities. Dealing with fixed issues or general questions on how to use the security features should be handled regularly via the user and the dev lists. Please report any security problems to us before disclosing it publicly. + ## Roadmap Check out our [roadmap](https://app.harvestr.io/roadmap/view/pQU6gdCyc/launch-week-roadmap) to get informed on what we are currently working on, and what we have in mind for the next weeks, months and years. ## License -See the [LICENSE](docs/project-overview/licenses/) file for licensing information, and our [FAQ](docs/project-overview/licenses/license-faq.md) for any questions you may have on that topic. - +See the [LICENSE](docs/project-overview/licenses/) file for licensing information, and our [FAQ](docs/project-overview/licenses/license-faq.md) for any questions you may have on that topic. diff --git a/docs/readme.md b/docs/readme.md index 7a38413f71e..a911cdb66aa 100644 --- a/docs/readme.md +++ b/docs/readme.md @@ -23,3 +23,10 @@ To contribute to Airbyte code, connectors, and documentation, refer to our [Cont [![GitHub stars](https://img.shields.io/github/stars/airbytehq/airbyte?style=social&label=Star&maxAge=2592000)](https://GitHub.com/airbytehq/airbyte/stargazers/) [![GitHub Workflow Status](https://img.shields.io/github/workflow/status/airbytehq/airbyte/Airbyte%20CI)](https://github.com/airbytehq/airbyte/actions/workflows/gradle.yml) [![License](https://img.shields.io/static/v1?label=license&message=MIT&color=brightgreen)](https://github.com/airbytehq/airbyte/tree/a9b1c6c0420550ad5069aca66c295223e0d05e27/LICENSE/README.md) [![License](https://img.shields.io/static/v1?label=license&message=ELv2&color=brightgreen)](https://github.com/airbytehq/airbyte/tree/a9b1c6c0420550ad5069aca66c295223e0d05e27/LICENSE/README.md) +### Reporting Vulnerabilities +⚠️ Please do not file GitHub issues or post on our public forum for security vulnerabilities as they are public! ⚠️ + +Airbyte takes security issues very seriously. If you have any concern around Airbyte or believe you have uncovered a vulnerability, please get in touch via the e-mail address security@airbyte.io. In the message, try to provide a description of the issue and ideally a way of reproducing it. The security team will get back to you as soon as possible. + +Note that this security address should be used only for undisclosed vulnerabilities. Dealing with fixed issues or general questions on how to use the security features should be handled regularly via the user and the dev lists. Please report any security problems to us before disclosing it publicly. +