mirror of
				https://github.com/firefly-iii/firefly-iii.git
				synced 2025-10-26 05:26:17 +00:00 
			
		
		
		
	Small textual changes
This commit is contained in:
		
							
								
								
									
										6
									
								
								.github/security.md
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										6
									
								
								.github/security.md
									
									
									
									
										vendored
									
									
								
							| @@ -1,9 +1,9 @@ | ||||
| # Security Policy | ||||
|  | ||||
| Firefly III is an application to manage your personal finances. As such, the develop has adopted this security disclosure and response policy to ensure that critical issues are responsibly handled. | ||||
| Firefly III is an application to manage your personal finances. As such, the developer has adopted this security disclosure and response policy to ensure that critical issues are responsibly handled. | ||||
|  | ||||
| ## Supported Versions | ||||
| Only the latest Firefly III release is maintained. Applicable fixes, including security fixes, will not backported to older release branches. Please refer to [RELEASES.md](https://github.com/firefly-iii/firefly-iii/blob/main/releases.md) for details. | ||||
| Only the latest Firefly III release is maintained. Applicable fixes, including security fixes, will not backported to older release branches. Please refer to [releases.md](https://github.com/firefly-iii/firefly-iii/blob/main/releases.md) for details. | ||||
|  | ||||
| ## Reporting a Vulnerability - Private Disclosure Process | ||||
| Security is of the highest importance and all security vulnerabilities or suspected security vulnerabilities should be reported to Firefly III privately, to minimize attacks against current users of Firefly III before they are fixed. Vulnerabilities will be investigated and patched on the next patch (or minor) release as soon as possible. This information could be kept entirely internal to the project.   | ||||
| @@ -12,7 +12,7 @@ If you know of a publicly disclosed security vulnerability for Firefly III, plea | ||||
|  | ||||
| **IMPORTANT: Do not file public issues on GitHub for security vulnerabilities** | ||||
|  | ||||
| To report a vulnerability or a security-related issue, please email the private address james@firefly-iii.org with the details of the vulnerability. The email will be fielded by the developer of Firefly III. Emails will be addressed within 3 business days, including a detailed plan to investigate the issue and any potential workarounds to perform in the meantime. Do not report non-security-impacting bugs through this channel. Use [GitHub issues](https://github.com/firefly-iii/firefly-iii/issues/new/choose) instead. | ||||
| To report a vulnerability or a security-related issue, please email the private address james@firefly-iii.org with the details of the vulnerability. The email will be received by the developer of Firefly III. Emails will be addressed within 3 business days, including a detailed plan to investigate the issue and any potential workarounds to perform in the meantime. Do not report non-security-impacting bugs through this channel. Use [GitHub issues](https://github.com/firefly-iii/firefly-iii/issues/new/choose) instead. | ||||
|  | ||||
| ### Proposed Email Content | ||||
| Provide a descriptive subject line and in the body of the email include the following information: | ||||
|   | ||||
		Reference in New Issue
	
	Block a user