flora is a fast and secure runtime that lets you write discord bots for your servers, with a rich TypeScript SDK, without worrying about running infrastructure. [mirror]
chore: add security reporting guidelines
+3
-17
+3
-17
README.md
+3
-17
README.md
···
8
8
9
9
This is still taking shape, and will have a proper release soon. To stay up to date on flora's progress, watch this repository, or check out the documentation: https://flora.uwu.network/sdk
10
10
11
-
## Buck2
12
-
13
-
Buck2 setup for Rust/runtime/cli builds is documented in `docs/buck2.md`.
14
-
15
-
## Quick Commands
16
-
17
-
```bash
18
-
# build runtime (dev)
19
-
./x build-dev
20
-
21
-
# build runtime release with buck2
22
-
./x build-release
11
+
## Security
23
12
24
-
# run runtime (dev)
25
-
./x run-dev
13
+
If you believe you have found a security vulnerability in flora, we encourage you to responsibly disclose this and NOT open a public issue. We will investigate all legitimate reports.
26
14
27
-
# build + run runtime release
28
-
./x run-release
29
-
```
15
+
Our preference is that you make use of GitHub's private vulnerability reporting feature to disclose potential security vulnerabilities in our Open Source Software. To do this, please visit https://github.com/uwu/flora/security and click the "Report a vulnerability" button.