You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: security.md
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -11,11 +11,11 @@ of security issues.
11
11
12
12
## How to report vulnerabilities
13
13
14
-
If you believe you've found a security vulnerability in a [Jupyter Subproject](https://jupyter.org/governance/list_of_subprojects.html),
15
-
you can either:
14
+
To report a security vulnerability in a [Jupyter Subproject](https://jupyter.org/governance/list_of_subprojects.html),
15
+
take one of these two actions:
16
16
17
-
- directly open a GitHub Security Advisory (GHSA) in the relevant repository
18
-
- report it to [security@ipython.org](mailto:security@ipython.org)if opening a GHSA is not possible, or you are unsure
17
+
1.**Open a GitHub Security Advisory** (GHSA) in the relevant repository (preferred approach). See [the GitHub instructions for opening security advisories](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability).
18
+
2.**Send an e-mail to [security@jupyter.org](mailto:security@jupyter.org)** reporting the vulnerability. Only do this if opening a GHSA is not possible, or you are unsure what to do.
19
19
where it will belong.
20
20
21
21
**We do not currently run bug bounty programs, and do not currently reward
0 commit comments