Skip to content

Commit

Permalink
SECURITY: make conduct section, warn against weaponized PRs
Browse files Browse the repository at this point in the history 
Signed-off-by: William Woodruff <[email protected]>
  • Loading branch information
@woodruffw
woodruffw committed Jan 31, 2024
1 parent e96de20 commit 0d1b6a7
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions SECURITY.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,10 +39,12 @@ The following do not constitute security vulnerabilities in Homebrew:
- security vulnerabilities in software used by but not written by Homebrew
- nominal clickjacking and similar attacks against our static, GitHub Pages websites

While researching, we'd like to ask you to refrain from:
## Conduct

While researching, we ask you to refrain from:

- Denial of service
- Spamming
- Social engineering (including phishing) of Homebrew maintainers or contributors
- Any physical attempts against Homebrew's machines

- Testing discoveries on Homebrew's CI/CD or other services by filing public PRs containing weaknesses

0 comments on commit 0d1b6a7

Please sign in to comment.