diff --git a/.github/ISSUE_TEMPLATE/security.md b/.github/ISSUE_TEMPLATE/security.md new file mode 100644 index 000000000..26450ed3a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/security.md @@ -0,0 +1,19 @@ +--- + +name: "Security Issue" +about: "Just for alerting @louislam, do not provide any details here" +title: "Security Issue" +ref: "main" +labels: + +- security + +--- + +DO NOT PROVIDE ANY DETAILS HERE. Please privately report to https://github.com/louislam/uptime-kuma/security/advisories/new. + + +Why need this issue? It is because GitHub Advisory do not send a notification to @louislam, it is a workaround to do so. + +Your GitHub Advisory URL: + diff --git a/SECURITY.md b/SECURITY.md index c30e5f4fb..43dc7654b 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,7 +2,8 @@ ## Reporting a Vulnerability -Please report security issues to https://github.com/louislam/uptime-kuma/security/advisories/new. +1. Please report security issues to https://github.com/louislam/uptime-kuma/security/advisories/new. +1. Please also create a empty security issues for alerting me, as GitHub Advisory do not send a notification, I probably will miss without this. https://github.com/louislam/uptime-kuma/issues/new?assignees=&labels=help&template=security.md Do not use the public issue tracker or discuss it in the public as it will cause more damage.