httpie-cli/SECURITY.md

# Security policy

## Reporting a vulnerability

When you identify a vulnerability in HTTPie, please report it privately using one of the following channels:

- Email to [`security@httpie.io`](mailto:security@httpie.io)
- Report on [huntr.dev](https://huntr.dev/)

In addition to the description of the vulnerability, please include also:

- A short reproducer to verify it (it can be a small HTTP server, shell script, docker image, etc.)
- Your deemed severity level of the vulnerability (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
- [CWE](https://cwe.mitre.org/) ID, if available.
Tweak SECURITY and add a Security policy section to docs 2022-03-07 21:55:51 +02:00			`# Security policy`
Apply suggestions from the review 2022-03-04 13:09:16 +02:00
Tweak SECURITY and add a Security policy section to docs 2022-03-07 21:55:51 +02:00			`## Reporting a vulnerability`
Apply suggestions from the review 2022-03-04 13:09:16 +02:00
Tweak SECURITY and add a Security policy section to docs 2022-03-07 21:55:51 +02:00			`When you identify a vulnerability in HTTPie, please report it privately using one of the following channels:`
Apply suggestions from the review 2022-03-04 13:09:16 +02:00
Tweak SECURITY and add a Security policy section to docs 2022-03-07 21:55:51 +02:00			- Email to [`security@httpie.io`](mailto:security@httpie.io)
			`- Report on [huntr.dev](https://huntr.dev/)`

			`In addition to the description of the vulnerability, please include also:`

			`- A short reproducer to verify it (it can be a small HTTP server, shell script, docker image, etc.)`
			- Your deemed severity level of the vulnerability (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
			`- [CWE](https://cwe.mitre.org/) ID, if available.`