mirror of
https://github.com/mozilla/pdf.js.git
synced 2025-04-19 14:48:08 +02:00
4033913acc
This commit fixes two issues that have been found after commit 2beae7a
landed, namely:
- The security checkbox image is not rendering at
https://github.com/mozilla/pdf.js/security/policy because the
`SECURITY.md` file is apparently served differently there (because it
does work as expected at
https://github.com/mozilla/pdf.js/blob/master/.github/SECURITY.md),
which causes the relative link not to work. We switch to an absolute
link to fix the issue.
- If a security policy is defined it turns out that GitHub automatically
adds a row to the "New issue" page; see
https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository
where it states "When someone creates an issue in your repository, they
will see a link to your project's security policy". Since we now have
two rows at https://github.com/mozilla/pdf.js/issues/new/choose about
the security policy, we remove our own version in favor of the
standard GitHub-provided one.
872 B
872 B
Security policy
Mozilla takes the security of our software seriously. If you believe you have found a security vulnerability in PDF.js, please report it to us as described below.
Reporting security vulnerabilities
Please don't report security vulnerabilities through public GitHub issues.
Instead, please report security vulnerabilities in Bugzilla and make sure that the checkbox in the "Security" section is checked so the required access controls are automatically configured:
The Mozilla security team will process the bug as described in Mozilla's security bugs policy.