Update CONTRIBUTING.md and SECURITY.md
This commit is contained in:
parent
ac8629d449
commit
ba10646e8a
2 changed files with 10 additions and 7 deletions
|
@ -1,28 +1,31 @@
|
|||
# Contributing
|
||||
|
||||
Pterodactyl does not accept Pull Requests (PRs) _for new functionality_ from users that are not currently part of the
|
||||
core project team. It has become overwhelming to try and give the proper time and attention that such complicated PRs
|
||||
tend to require — and deserve. As a result, it is in the project's best interest to limit the scope of work on
|
||||
new functionality to work done within the core project team.
|
||||
|
||||
PRs that address existing _bugs_ with a corresponding issue opened in our issue tracker will continue to be accepted
|
||||
and reviewed. Their scope is often signficantly more targeted, and simply improving upon existing and well defined
|
||||
and reviewed. Their scope is often significantly more targeted, and simply improving upon existing and well defined
|
||||
logic.
|
||||
|
||||
### Responsible Disclosure
|
||||
|
||||
This is a fairly in-depth project and makes use of a lot of parts. We strive to keep everything as secure as possible
|
||||
and welcome you to take a look at the code provided in this project yourself. We do ask that you be considerate of
|
||||
others who are using the software and not publicly disclose security issues without contacting us first by email.
|
||||
|
||||
We'll make a deal with you: if you contact us by email and we fail to respond to you within a week you are welcome to
|
||||
We'll make a deal with you: if you contact us by email, and we fail to respond to you within a week you are welcome to
|
||||
publicly disclose whatever issue you have found. We understand how frustrating it is when you find something big and
|
||||
no one will respond to you. This holds us to a standard of providing prompt attention to any issues that arise and
|
||||
keeping this community safe.
|
||||
|
||||
If you've found what you believe is a security issue please email `dane@pterodactyl.io`. Please check
|
||||
If you've found what you believe is a security issue please email `matthew@pterodactyl.io`. Please check
|
||||
[SECURITY.md](/SECURITY.md) for additional details.
|
||||
|
||||
### Contact Us
|
||||
You can find us in a couple places online. First and foremost, we're active right here on Github. If you encounter a
|
||||
|
||||
You can find us in a couple places online. First and foremost, we're active right here on GitHub. If you encounter a
|
||||
bug or other problems, open an issue on here for us to take a look at it. We also accept feature requests here as well.
|
||||
|
||||
You can also find us on [Discord](https://discord.gg/pterodactyl).
|
||||
|
|
|
@ -4,14 +4,14 @@
|
|||
The following versions of Pterodactyl are receiving active support and maintenance. Any security vulnerabilities discovered must be reproducible in supported versions.
|
||||
|
||||
| Panel | Daemon | Supported |
|
||||
|--------|--------------| ------------------ |
|
||||
|--------|--------------|--------------------|
|
||||
| 1.10.x | wings@1.7.x | :white_check_mark: |
|
||||
| 0.7.x | daemon@0.6.x | :x: |
|
||||
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
Please reach out directly to any project team member on Discord when reporting a security vulnerability, or you can send an email to `dane@pterodactyl.io`.
|
||||
Please reach out directly to any project team member on Discord when reporting a security vulnerability, or you can email `matthew@pterodactyl.io`.
|
||||
|
||||
We make every effort to respond as soon as possible, although it may take a day or two for us to sync internally and determine the severity of the report and its impact. Please, _do not_ use a public facing channel or GitHub issues to report sensitive security issues.
|
||||
|
||||
|
|
Loading…
Reference in a new issue