Files
Auto_Bangumi/SECURITY.md
Estrella Pan 8600bb7cf7 docs(security): add working disclosure contact email
GitHub private vulnerability reporting is now enabled on the repo, and the
email fallback previously pointed at a non-public profile email. Point it at
a concrete address so both documented disclosure channels actually work
(raised by a reporter in #1041).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_014w1Z6Nxy6XTRgkFXqPr9Zh
2026-07-02 13:49:23 +02:00

1.7 KiB

Security Policy / 安全政策

Supported Versions / 支持的版本

Version Supported
3.x
< 3.0

Reporting a Vulnerability / 报告漏洞

English

If you discover a security vulnerability in AutoBangumi, please report it responsibly:

  1. GitHub Private Vulnerability Reporting (Recommended): Use GitHub's private vulnerability reporting feature to submit your report securely.

  2. Email: Contact the maintainer directly at estrellaxd05@gmail.com.

Please do NOT:

  • Open a public GitHub issue for security vulnerabilities
  • Disclose the vulnerability publicly before it has been addressed

What to include in your report:

  • Description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact
  • Any suggested fixes (optional)

We will acknowledge receipt of your report within 48 hours and work to address the issue promptly.


中文

如果您在 AutoBangumi 中发现安全漏洞,请通过以下方式负责任地报告:

  1. GitHub 私密漏洞报告(推荐):使用 GitHub 的私密漏洞报告功能 安全地提交您的报告。

  2. 邮件:直接联系维护者,邮箱 estrellaxd05@gmail.com

请勿:

  • 在公开的 GitHub Issue 中报告安全漏洞
  • 在漏洞被修复之前公开披露

报告中请包含:

  • 漏洞描述
  • 复现步骤
  • 潜在影响
  • 修复建议(可选)

我们将在 48 小时内确认收到您的报告,并尽快处理该问题。