Trying to get in touch regarding a security issue #13
Comments
|
@JamieSlome you should do full disclosure, the time has passed |
|
@psmoros (cc) |
|
Last commit was 5 years ago, I doubt someone will reply. |
|
I can't find Nick's email anywhere... If you find it feel free to privately reach out otherwise you can just as well open a public issue |
|
I would really say go full disclosure, ethjs-util is used all over the ecosystem - and keeping the vuln closed endangers users |
|
Agreed! Sorry I thought you were the original author of the report. We will triage it internally and take a decision soon :) |
legobeat
added a commit
to legobeat/ethjs-util
that referenced
this issue
Nov 1, 2023
* devDeps: webpack@2->3 * npm dedupe; npm audit fix * update dist
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hey there!
I'd like to report a security issue but cannot find contact instructions on your repository.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)
The text was updated successfully, but these errors were encountered: