Skip to content

Commit

Permalink
doc: add point to ask H1 reporter about credit
Browse files Browse the repository at this point in the history
This commit updates the security release process document with a bullet
point to ask the HackerOne reporter if they would like to be credited
for reporting the vulnerability. We might also be able to add a question
like this to the HackerOne template when a report is created, but it
would still be good to have this bullet point to remember to include the
information in the security release blog post.

PR-URL: #39585
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
  • Loading branch information
danbev authored and targos committed Sep 4, 2021
1 parent 469190d commit 3d26572
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions doc/guides/security-release-process.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,11 @@ information described.
the date in the slug so that it will move to the top of the blog list.)
* [ ] pre-release: ***LINK TO PR***
* [ ] post-release: ***LINK TO PR***
* Ask the HackerOne reporter if they would like to be credited on the
security release blog page:
```text
Thank you to <name> for reporting this vulnerability.
```
* [ ] Get agreement on the planned date for the release: ***RELEASE DATE***
Expand Down

0 comments on commit 3d26572

Please sign in to comment.