mirror of
https://github.com/aljazceru/ark.git
synced 2026-01-28 07:44:20 +01:00
0e4e491bc3
* readme * remove codeQL * add security * add license * add SECURITY.md * Update README.md Signed-off-by: Marco Argentieri <3596602+tiero@users.noreply.github.com> --------- Signed-off-by: Marco Argentieri <3596602+tiero@users.noreply.github.com>
22 lines
1021 B
Markdown
22 lines
1021 B
Markdown
# Security Disclosures
|
|
|
|
Security is a top priority for Ark. If you discover a security issue, please bring it to our attention right away. Please DO NOT file a public issue, instead send your report privately:
|
|
|
|
- sending an email to <security@arklabs.to>; or
|
|
- sending a NIP-04 DM to [npub1hf5...dp8n](https://primal.net/p/npub1hf5sgehj874r3y2hps9r36qap20cffauc7t895var2ajlsg32mcqa7dp8n).
|
|
|
|
Security reports are greatly appreciated and we will publicly thank you for it.
|
|
|
|
The following keys may be used to communicate sensitive information to developers:
|
|
|
|
| Name | PGP Public Key URL | Fingerprint |
|
|
|------|-------------|-------------|
|
|
| Marco Argentieri | [https://github.com/tiero.gpg](https://github.com/tiero.gpg) | 0F6586CE8DA12FB1 |
|
|
| Pietralberto Mazza | [https://github.com/altafan.gpg](https://github.com/altafan.gpg) | 6C7639DEA147673B |
|
|
|
|
You can import a key by running the following command in your terminal and verify the fingerprint matches the one above:
|
|
|
|
```bash
|
|
gpg --fetch-keys <PGP Public Key URL>
|
|
```
|