After the repo is flipped to public, enable Private Vulnerability Reporting:
- Settings → Code security → toggle on Privately report a security vulnerability
This activates the link already in SECURITY.md:
`https://github.com/intility/json-api-toolkit/security/advisories/new\`
Until then, the email fallback (`security@intility.no`) is the only path.
Related: #98
After the repo is flipped to public, enable Private Vulnerability Reporting:
This activates the link already in SECURITY.md:
`https://github.com/intility/json-api-toolkit/security/advisories/new\`
Until then, the email fallback (`security@intility.no`) is the only path.
Related: #98