We should add a SECURITY.md #646

issue real-or-random opened this issue on July 3, 2019
  1. real-or-random commented at 2:50 PM on July 3, 2019: contributor

    It's now good practice to have a SECURITY.md file that explains a well-defined process for reporting vulnerabilities. Core has this too: https://github.com/bitcoin/bitcoin/blob/master/SECURITY.md

    This is also a good chance to think about the process, i.e., who should actually be informed about vulnerabilities in this library. This is not completely obvious since this library somehow belongs to Bitcoin Core (I mean the software, not the "organization"/group of people) but on the other hand is maintained separately.

  2. real-or-random renamed this:
    No SECURITY.md
    We should add a SECURITY.md
    on Jul 3, 2019
  3. elichai commented at 4:15 PM on July 3, 2019: contributor

    Maybe this question should go on to the mailing list / bitcoin/bitcoin issues too? so that the rest of the bitcoin community/maintainers could express their opinions. I think it's a very good question.

  4. jonasnick cross-referenced this on Oct 28, 2019 from issue Add SECURITY.md by jonasnick
  5. jonasnick closed this on Nov 26, 2019
Contributors
real-or-randomelichai
Linked (view graph)
#679 Add SECURITY.md
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-18 21:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me