[contributing.md] add how to report security bugs (#3005)
* [contributing.md] add how to report security bugs I think it's a good idea mentioning how to report vulnerabilities in contributing.md, by pointing them to SECURITY.md. This is useful in case people only read contributing.md but not security.md, and incorrectly believe that your team prefers discussing security issues on GitHub. * Use full name of MSRC As suggested by miniksa, change "MSRC" to "Microsoft Security Response Center (MSRC)"
This commit is contained in:
parent
8ae65f5444
commit
505ceaccf6
|
@ -21,6 +21,9 @@ We drive the bot by tagging issues with specific labels which cause the bot engi
|
|||
Therefore, if you do file issues, or create PRs, please keep an eye on your GitHub notifications. If you do not respond to requests for information, your issues/PRs may be closed automatically.
|
||||
|
||||
---
|
||||
## Reporting Security Issues
|
||||
|
||||
**Please do not report security vulnerabilities through public GitHub issues.** Instead, please report them to the Microsoft Security Response Center (MSRC). See [Security.md](../SECURITY.md) for more information.
|
||||
|
||||
## Before you start, file an issue
|
||||
|
||||
|
|
Loading…
Reference in a new issue