diff options
| -rw-r--r-- | CONTRIBUTING.md | 17 | ||||
| -rw-r--r-- | README.md | 8 |
2 files changed, 7 insertions, 18 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 56bc9d91..37dfa77e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -99,22 +99,7 @@ Any components proposed for reuse should have a license that permits releasing a derivative work under *LGPL v2.1 or later* or LGPL v3. Moreover, the license of a proposed component should be approved by OSI, no exceptions. -## Vulnerability reporting (security issues) - -If you find a significant vulnerability, or evidence of one, -use either of the following contacts: -* send an email to Kitsune Ral [Kitsune-Ral@users.sf.net](mailto:Kitsune-Ral@users.sf.net) -* reach out in Matrix to #kitsune:matrix.org (if you can, switch encryption **on**) - -In any of these two options, _indicate that you have such information_ -(do not share the information yet), and we'll tell you the next steps. - -By default, we will give credit to anyone who reports a vulnerability in -a responsible way so that we can fix it before public disclosure. If you want -to remain anonymous or pseudonymous instead, please let us know; we will -gladly respect your wishes. If you provide a fix as a PR, you have no way -to remain anonymous (and you also disclose the vulnerability thereby) so this -is not the right way, unless the vulnerability is already made public. +## Vulnerability reporting (security issues) - see [SECURITY.md](./SECURITY.md) ## Documentation changes @@ -12,9 +12,13 @@ libQMatrixClient is a Qt5-based library to make IM clients for the [Matrix](https://matrix.org) protocol. It is the backbone of [Quaternion](https://github.com/QMatrixClient/Quaternion), [Spectral](https://matrix.org/docs/projects/client/spectral.html) and some other projects. ## Contacts -You can find authors of libQMatrixClient in the Matrix room: [#qmatrixclient:matrix.org](https://matrix.to/#/#qmatrixclient:matrix.org). +You can find authors of libQMatrixClient in the Matrix room: +[#qmatrixclient:matrix.org](https://matrix.to/#/#qmatrixclient:matrix.org). -You can also file issues at [the project's issue tracker](https://github.com/QMatrixClient/libqmatrixclient/issues). If you have what looks like a security issue, please see respective instructions in CONTRIBUTING.md. +You can also file issues at +[the project's issue tracker](https://github.com/QMatrixClient/libqmatrixclient/issues). +If you find what looks like a security issue, please use instructions +in SECURITY.md. ## Building and usage So far the library is typically used as a git submodule of another project |