Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document security policy being shown along with issue templates #18798

Open
1 task done
oplik0 opened this issue Jun 24, 2022 · 1 comment · May be fixed by #18800
Open
1 task done

Document security policy being shown along with issue templates #18798

oplik0 opened this issue Jun 24, 2022 · 1 comment · May be fixed by #18800
Labels
content

Comments

@oplik0
Copy link

@oplik0 oplik0 commented Jun 24, 2022

Code of Conduct

What article on docs.github.com is affected?

https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/about-issue-and-pull-request-templates

What part(s) of the article would you like to see updated?

Currently the docs don't seem to mention the fact that security policy is shown on the issue template chooser, and the configure section specifically has an example with a link to bug bounty:

blank_issues_enabled: false
contact_links:
  - name: GitHub Community Support
    url: https://github.community/
    about: Please ask and answer questions here.
  - name: GitHub Security Bug Bounty
    url: https://bounty.github.com/
    about: Please report security vulnerabilities here.

This, combined with it being quite inconvenient to test the templates due to them only working on the default branch, means it's quite possible to accidentally create a redundant contact link for security information.

As such I think it'd be a good idea to clarify that security policy will be also be shown alongside issue templates and perhaps add it to the screenshot of the issue template chooser in the article.

Additional information

An example of me adding a redundant link due to not knowing that security policy would be displayed can be seen in NodeBB repo: NodeBB/NodeBB#10720 (and the PR fixing it: NodeBB/NodeBB#10723)
example of redundant Security Issues link below the default Report a security vulnerability link to the security policy
@oplik0 oplik0 added the content label Jun 24, 2022
@welcome
Copy link

@welcome welcome bot commented Jun 24, 2022

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

@github-actions github-actions bot added the triage label Jun 24, 2022
oplik0 added a commit to oplik0/docs-1 that referenced this issue Jun 24, 2022
@oplik0
Add information about security policy being shown in template chooser
a9bb021 
resolves github#18798
@oplik0 oplik0 linked a pull request Jun 24, 2022 that will close this issue
Open
5 tasks
@janiceilene janiceilene removed the triage label Jun 28, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
content
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add information about security policy being shown in template chooser oplik0/docs-1
2 participants
@janiceilene @oplik0