revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-03-21 00:30:09 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/docs/user/reporting_security.diviner

18 lines
588 B
Text
Raw Normal View History

Document the security vulnerability reporting policy Summary: Fixes T2791. I'm happy with HackerOne, so this pretty much just says "use HackerOne". Test Plan: {F128995} - Clicked all the links. Reviewers: btrahan, chad Reviewed By: chad Subscribers: epriestley Maniphest Tasks: T2791 Differential Revision: https://secure.phabricator.com/D8538
2014-03-14 14:33:41 -07:00
@title Reporting Security Vulnerabilities
@group intro
Update Diviner documentation to reference Phorge instead of Phabricator. Summary: This commit also removes references to support pacts and updates links to point to the new upstream. Test Plan: Generated Diviner documentation on a local install and verified that the changes look good. Reviewers: O1 Blessed Committers, chris Reviewed By: O1 Blessed Committers, chris Subscribers: chris, speck, tobiaswiese Maniphest Tasks: T15012 Differential Revision: https://we.phorge.it/D25007
2021-06-19 17:19:56 -06:00
Describes how to report security vulnerabilities in Phorge.
Document the security vulnerability reporting policy Summary: Fixes T2791. I'm happy with HackerOne, so this pretty much just says "use HackerOne". Test Plan: {F128995} - Clicked all the links. Reviewers: btrahan, chad Reviewed By: chad Subscribers: epriestley Maniphest Tasks: T2791 Differential Revision: https://secure.phabricator.com/D8538
2014-03-14 14:33:41 -07:00
Update support documentation for modern times Summary: Basically similar to D13941 but a little more extreme: - Really strongly emphasize reproducibility for bug reports, and set users up for rejection if they don't satisfy this. - Really strongly emphasize problem descriptions for feature requests, and set users up for rejection. - Get rid of various "please give us feedback"; we get plenty of feedback these days. - Some modernization tweaks. - Split the support document into: - Stuff we actually support for free (security / good bug reports / feature requests). - Stuff you can pay us for (hosting / consulting / prioritization). - A nebulous "community" section, with appropriate (low) expectations that better reflects reality. My overall goals here are: - Set expectations better, so users don't show up in IRC expecting it to be a "great place to get amazing support" or whatever the docs said in 2011. - Possibly move the needle slightly on bug reports / feature request quality, maybe. Test Plan: Read changes carefully. Reviewers: chad Reviewed By: chad Differential Revision: https://secure.phabricator.com/D14305
2015-10-19 13:29:24 -07:00
Overview
========
Document the security vulnerability reporting policy Summary: Fixes T2791. I'm happy with HackerOne, so this pretty much just says "use HackerOne". Test Plan: {F128995} - Clicked all the links. Reviewers: btrahan, chad Reviewed By: chad Subscribers: epriestley Maniphest Tasks: T2791 Differential Revision: https://secure.phabricator.com/D8538
2014-03-14 14:33:41 -07:00
Update Diviner documentation to reference Phorge instead of Phabricator. Summary: This commit also removes references to support pacts and updates links to point to the new upstream. Test Plan: Generated Diviner documentation on a local install and verified that the changes look good. Reviewers: O1 Blessed Committers, chris Reviewed By: O1 Blessed Committers, chris Subscribers: chris, speck, tobiaswiese Maniphest Tasks: T15012 Differential Revision: https://we.phorge.it/D25007
2021-06-19 17:19:56 -06:00
Phorge accepts bug reports on the upstream install. Please use the
[[https://we.phorge.it/maniphest/task/edit/form/1/ | security reporting form]]
to report security vulnerabilities.
Document the security vulnerability reporting policy Summary: Fixes T2791. I'm happy with HackerOne, so this pretty much just says "use HackerOne". Test Plan: {F128995} - Clicked all the links. Reviewers: btrahan, chad Reviewed By: chad Subscribers: epriestley Maniphest Tasks: T2791 Differential Revision: https://secure.phabricator.com/D8538
2014-03-14 14:33:41 -07:00
Update Diviner documentation to reference Phorge instead of Phabricator. Summary: This commit also removes references to support pacts and updates links to point to the new upstream. Test Plan: Generated Diviner documentation on a local install and verified that the changes look good. Reviewers: O1 Blessed Committers, chris Reviewed By: O1 Blessed Committers, chris Subscribers: chris, speck, tobiaswiese Maniphest Tasks: T15012 Differential Revision: https://we.phorge.it/D25007
2021-06-19 17:19:56 -06:00
If you aren't sure if something qualifies, you can submit the issue as a normal
bug report. For instructions, see @{article:Contributing Bug Reports}.
Document the security vulnerability reporting policy Summary: Fixes T2791. I'm happy with HackerOne, so this pretty much just says "use HackerOne". Test Plan: {F128995} - Clicked all the links. Reviewers: btrahan, chad Reviewed By: chad Subscribers: epriestley Maniphest Tasks: T2791 Differential Revision: https://secure.phabricator.com/D8538
2014-03-14 14:33:41 -07:00
Update Diviner documentation to reference Phorge instead of Phabricator. Summary: This commit also removes references to support pacts and updates links to point to the new upstream. Test Plan: Generated Diviner documentation on a local install and verified that the changes look good. Reviewers: O1 Blessed Committers, chris Reviewed By: O1 Blessed Committers, chris Subscribers: chris, speck, tobiaswiese Maniphest Tasks: T15012 Differential Revision: https://we.phorge.it/D25007
2021-06-19 17:19:56 -06:00
General information about security changes is reported in the
[[ https://we.phorge.it/w/changelog/ | Changelog ]].
Copy permalink