forgejo/vendor/github.com/microcosm-cc/bluemonday/SECURITY.md
zeripath 04196b7658
Update to bluemonday-1.0.6 ()
Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-04-05 17:38:31 -04:00

582 B
Vendored

Security Policy

Supported Versions

Latest tag and tip are supported.

Older tags remain present but changes result in new tags and are not back ported... please verify any issue against the latest tag and tip.

Reporting a Vulnerability

Email: bluemonday@buro9.com

Bluemonday is pure OSS and not maintained by a company. As such there is no bug bounty program but security issues will be taken seriously and resolved as soon as possible.

The maintainer lives in the United Kingdom and whilst the email is monitored expect a reply or ACK when the maintainer is awake.