2221c68dff
* restructured user guide, minor fixes * added index file for user guide * github actions for vale * testing workflow * CI vale * changes as per vale's suggestions * set CI vale on pull request * adding homebrew script to macos infra setup file * fix CI errors * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * testing vale * vale testing complete * vale cleanup * vale test * vale test for github-pr-check * vale test for github-pr-check * vale test for github-pr-check * vale test for github-pr-check * testing vale warnings * testing vale warnings * testing vale warnings * testing vale warnings * testing vale warnings * testing vale warnings * testing vale warnings * swizzled doc cards to add icons * Align CI params to other CIs --------- Co-authored-by: Félix Malfait <felix.malfait@gmail.com>
1.8 KiB
Security Policy
Reporting a Vulnerability
We strongly encourage reporting any potential vulnerabilities.
If you suspect a vulnerability, please take the following steps:
- Contact us immediately at
security at twenty.com. - Include a comprehensive description of the potential vulnerability and steps to reproduce the issue, if possible. The more information you can provide, the quicker we can address the problem.
Our commitment is to respond to your initial report within one business day. While we're addressing the issue, we kindly request you to maintain confidentiality about the vulnerability to ensure the security of all users. Please refrain from exploiting the vulnerability or revealing the problem to others.
While we don't currently have a formal bug bounty program due to the project's nascent stage, we can assure you that:
- Your report will be responded to within one business day.
- Your report and all accompanying data will be handled with utmost confidentiality.
- We greatly appreciate your contribution and would be happy to acknowledge your role in the vulnerability fix, should you choose to be identified.
- We will grant you permission to publicly discuss your findings after the patch has been released and a reasonable time has passed for users to implement it.
- We (obviously) guarantee that we will not pursue any legal action as long as the vulnerability is not exploited.
Security Features
We are always looking for ways to improve our product's security. If you have any recommendations or feature request that could enhance the product's security, we invite you to share them with us via the discussion forum.
⚠️ Note this does not apply to security vulnerabilities. If you're in doubt, then always follow the security vulnerability process