Fix #313: document how to report security issues and vulnerabilities

2020-08-04 11:14:52 +02:00 · 2020-08-04 11:14:52 +02:00 · 785f12ebe6
commit 785f12ebe6
--- a/README.rst
+++ b/README.rst
@ -28,6 +28,16 @@ Contribute
 Contribution guidelines as well as development installation instructions
 are outlined in `CONTRIBUTING <CONTRIBUTING.rst>`_.

+Security issues and vulnerabilities
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If you found a vulnerability in Funkwhale, please report it on our Gitlab instance at `https://dev.funkwhale.audio/funkwhale/funkwhale/-/issues`_, ensuring
+you have checked the ``This issue is confidential and should only be visible to team members with at least Reporter access.
+`` box. 
+
+This will ensure only maintainers and developpers have access to the vulnerability. Thank you for your help!
+
+
 Translate
 ^^^^^^^^^