changes as per vale warnings (#2353)
* changes as per vale warnings * changes acc to feedback
This commit is contained in:
Nimra Ahmed
26
.github/SECURITY.md
vendored
26
.github/SECURITY.md
vendored
@ -2,27 +2,27 @@
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
We strongly encourage reporting any potential vulnerabilities.
|
||||
Reporting any potential vulnerabilities is strongly encouraged.
|
||||
|
||||
If you suspect a vulnerability, please take the following steps:
|
||||
- Contact us immediately at `security at twenty.com`.
|
||||
- Include a comprehensive description of the potential vulnerability and steps to reproduce the issue, if possible. The more information you can provide, the quicker we can address the problem.
|
||||
- Contact the team at `security at twenty.com`.
|
||||
- Include a comprehensive description of the potential vulnerability and steps to reproduce the issue, if possible. The more information you can provide, the quicker Twenty can address the problem.
|
||||
|
||||
Our commitment is to respond to your initial report within one business day.
|
||||
While we're addressing the issue, we kindly request you to maintain confidentiality about the vulnerability to ensure the security of all users.
|
||||
You can expect a response to your initial report within one business day.
|
||||
While the core team works on addressing the issue, please maintain confidentiality about the vulnerability to ensure the security of all users.
|
||||
Please refrain from exploiting the vulnerability or revealing the problem to others.
|
||||
|
||||
While we don't currently have a formal bug bounty program due to the project's nascent stage, we can assure you that:
|
||||
While Twenty doesn't have a formal bug bounty program right now due to the project's nascent stage, rest assured that:
|
||||
|
||||
- Your report will be responded to within one business day.
|
||||
- Your report and all accompanying data will be handled with utmost confidentiality.
|
||||
- We greatly appreciate your contribution and would be happy to acknowledge your role in the vulnerability fix, should you choose to be identified.
|
||||
- We will grant you permission to publicly discuss your findings after the patch has been released and a reasonable time has passed for users to implement it.
|
||||
- We (obviously) guarantee that we will not pursue any legal action as long as the vulnerability is not exploited.
|
||||
- You will get a response within one business day.
|
||||
- Your report and all accompanying data will receive the highest level of confidentiality.
|
||||
- Your contribution is greatly appreciated, and Twenty would acknowledge your role in the vulnerability fix, if you opt for identification.
|
||||
- Twenty will grant you permission to publicly discuss your findings once users have had a reasonable time to apply the patch after it becomes available.
|
||||
- Twenty guarantees not to pursue any legal action as long as the vulnerability is not exploited.
|
||||
|
||||
## Security Features
|
||||
We are always looking for ways to improve our product's security.
|
||||
If you have any recommendations or feature request that could enhance the product's security, we invite you to share them with us via the discussion forum.
|
||||
Efforts are continually made to enhance the security of the product.
|
||||
If you have any recommendations or feature request that could enhance the product's security, please share them via the discussion forum.
|
||||
|
||||
⚠️ Note this does not apply to security vulnerabilities. If you're in doubt, then always follow the security vulnerability process
|
||||
|
||||
|
||||
Reference in New Issue
Block a user