mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-12-21 06:50:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
29,952 Commits 15 Branches 222 Tags 191 MiB
b0564c1d54
Commit Graph

28 Commits

Author SHA1 Message Date
Daniel Stenberg
07dfbc08bf
SECURITY-PROCESS.md: document severity levels 
Closes #10118
 2022-12-21 16:26:35 +01:00
Thiago Suchorski
75670e4573
docs: minor grammar fixes 
Closes #9609
 2022-09-29 10:44:12 +02:00
Daniel Stenberg
fd1ce3d4b0
docs: spellfixes 
Pointed by the new CI job
 2022-09-21 15:20:08 +02:00
Daniel Stenberg
fda897f5a1
docs: fix proselint complaints 2022-09-19 17:32:12 +02:00
Marco Kamner
263409cf24
docs: remove him/her/he/she from documentation 
Closes #9208
 2022-07-27 13:52:53 +02:00
Daniel Stenberg
45c578f662
docs/SECURITY-PROCESS.md: "Visible command line arguments" 2022-05-03 13:37:04 +02:00
Daniel Stenberg
0d015fb3f6
SECURITY-PROCESS: mention "URL inconsistencies" 
... as common problems that are *not* vulns.
 2022-05-03 08:50:10 +02:00
Daniel Stenberg
ba342909cc
SECURITY-PROCESS: extended 
Also clarify BUG-BOUNTY.md with IBB details.

Closes #8754
 2022-04-27 15:34:21 +02:00
Antoine Pietri
b341b7675b
docs: grammar proofread, typo fixes 
(Partially automated) proofread of most of the documentation, leading to
various typo fixes.

Closes #8353
 2022-01-30 12:06:05 +01:00
Daniel Stenberg
a28464ae77
docs: reduce/avoid English contractions 
You're => You are
Hasn't => Has not
Doesn't => Does not
Don't => Do not
You'll => You will
etc

Closes #7930
 2021-11-07 23:16:27 +01:00
Daniel Stenberg
92efb3db7e
docs: reduce use of "very" 
"Very" should be avoided in most texts. If intensifiers are needed, try
find better words instead.

Closes #7936
 2021-11-01 16:13:12 +01:00
Daniel Stenberg
408f61dc30
SECURITY-PROCESS: tweak a little to match current practices 
Closes #7713
 2021-09-13 16:26:30 +02:00
Daniel Stenberg
ab2f27cf88
docs: the security list is reached at security at curl.se now 
Also update the FAQ section a bit to encourage users to rather submit
security issues on hackerone than sending email.

Closes #7689
 2021-09-10 10:51:12 +02:00
Daniel Stenberg
6703eb2f4c
SECURITY-PROCESS: disclose on hackerone 
Once a vulnerability has been published, the hackerone issue should be
disclosed. For tranparency.

Closes #6275
 2020-12-03 22:29:34 +01:00
Daniel Stenberg
4d2f800677
curl.se: new home 
Closes #6172
 2020-11-04 23:59:47 +01:00
H3RSKO
3d221409e2
docs: change "web site" to "website" 
According to wikipedia:

 While "web site" was the original spelling, this variant has become
 rarely used, and "website" has become the standard spelling

Closes #5822
 2020-08-17 00:14:18 +02:00
Daniel Stenberg
b4988286a9
SECURITY-PROCESS: fix links [ci skip] 2019-05-11 17:50:37 +02:00
Reed Loden
361f9957cb
docs: minor polish to the bug bounty / security docs 
Closes #3811
 2019-04-29 08:09:10 +02:00
Daniel Stenberg
10e4dd6a7b
docs/BUG-BOUNTY: bug bounty time [skip ci] 
Introducing the curl bug bounty program on hackerone. We now recommend
filing security issues directly in the hackerone ticket system which
only is readable to curl security team members.

Assisted-by: Daniel Gustafsson

Closes #3488
 2019-04-22 17:19:19 +02:00
Daniel Stenberg
4a01a20bdb
SECURITY-PROCESS: bountygraph shuts down 
This backpedals back the documents to the state before bountygraph.

Closes #3311
 2018-11-30 22:50:36 +01:00
Daniel Stenberg
1a0cf36fbf
docs/SECURITY-PROCESS: the hackerone IBB program drops curl 
... now there's only BountyGraph.
 2018-10-17 08:02:37 +02:00
Daniel Gustafsson
e9605dbda2 SECURITY-PROCESS: make links into hyperlinks 
Use proper Markdown hyperlink format for the Bountygraph links in order
for the generated website page to be more user friendly. Also link to
the sponsors to give them a little extra credit.

Closes #3082
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
 2018-10-03 10:17:09 +02:00
Daniel Stenberg
3cae1cd699
SECURITY-PROCESS: mention the bountygraph program [ci skip] 
Closes #3032
 2018-09-22 12:00:00 +02:00
Viktor Szakats
420087bb30 secure Openwall URLs 2018-09-14 18:48:35 +00:00
Daniel Stenberg
a040ff88e4
docs/SECURITY-PROCESS: now we name the files after the CVE id 2018-08-20 11:49:58 +02:00
Daniel Stenberg
29b78a537f
docs/SECURITY-PROCESS: mention bounty, drop pre-notify 
+ The hackerone bounty and its process

- We don't and can't handle pre-notification
 2018-07-12 12:32:54 +02:00
Daniel Stenberg
a857057536
SECURITY-PROCESS: mention how we write/add advisories 2018-03-14 14:20:24 +01:00
Daniel Stenberg
029ae11034
docs/SECURITY.md -> docs/SECURITY-PROCESS.md 2018-03-11 23:41:50 +01:00