Trying to get in touch regarding a security issue #544
Comments
maybe @barryvdh |
|
Yes please email me directly. My username at Gmail |
|
Was this fixed by barryvdh/laravel-debugbar#1442, barryvdh/laravel-debugbar#1443 Knowit? |
|
I don't think these are related. Also I think those PRs are not directly an issue for this repo because storage isn't enabled by default. |
|
Shouldn't that be a PR and let Pavlos to maintain it? Or any other who
would? And, TBH: most of security warnings refer to:
1 - People who let it activate on production (really? yeah, there are some)
2 - PHP issues (if it's off on production, if persistent data is not
mutable by the component, this is NOT a bug from us, but from
implementation).
So, Pavlos, welcome to the maintainer role SECURITY.md. Write it and create
the PR. Welcome to the team. Your role is really important now.
Cheers
…On Thu, 24 Aug 2023 at 17:18, Barry vd. Heuvel ***@***.***> wrote:
I don't think these are related. Also I think those PRs are not directly
an issue for this repo because storage isn't enabled by default.
—
Reply to this email directly, view it on GitHub
<#544 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABFFM2TPE7TKB2R73VPADZ3XW55FVANCNFSM6AAAAAA2NQOYQM>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
--
[image: Learn Software Engineering - Apps on Google Play]
*Pablo Santiago Sánchez*
Software Engineer
p ***@***.***>***@***.*** / ***@***.***
+353838691070
*"Pluralitas non est ponenda sine necessitate"*
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello 👋
I run a security community that finds and fixes vulnerabilities in OSS. A researcher (@Rudloff) has found a potential issue, which I would be eager to share with you.
Could you add a
SECURITY.mdfile with an e-mail address for me to send further details to? GitHub recommends a security policy to ensure issues are responsibly disclosed, and it would help direct researchers in the future.Looking forward to hearing from you 👍
(cc @huntr-helper)
The text was updated successfully, but these errors were encountered: