rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity

Remove mention of Google Group from CONTRIBUTING

Browse Source
This commit is contained in:
Dirkjan Ochtman
2025-06-16 11:58:16 +02:00
parent eaef7f63c3
commit 02e6496f7c
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
CONTRIBUTING.md
View File

@@ -13,7 +13,7 @@ To add an advisory to the RustSec database, open a [Pull Request] against
3. Write a human-readable Markdown description in the same file, after the <code>\```</code> marker and a newline. Use [this example advisory][example] as a reference. 3. Write a human-readable Markdown description in the same file, after the <code>\```</code> marker and a newline. Use [this example advisory][example] as a reference.
4. Open a [Pull Request]. After being reviewed your advisory will be assigned 4. Open a [Pull Request]. After being reviewed your advisory will be assigned
a `RUSTSEC-*` advisory identifier and be published to the database. a `RUSTSEC-*` advisory identifier and be published to the database.
### Optional Steps ### Optional Steps
Feel free to do either or both of these as you see fit (we recommend you do both): Feel free to do either or both of these as you see fit (we recommend you do both):
@@ -55,13 +55,11 @@ When in doubt, please open a PR.
A: No, anyone can file an advisory against any crate. The legitimacy of A: No, anyone can file an advisory against any crate. The legitimacy of
vulnerabilities will be determined prior to merging. If a vulnerability vulnerabilities will be determined prior to merging. If a vulnerability
turns out to be fake, it will be removed from the database. turns out to be fake, it will be removed from the database.
**Q: Can I file an advisory without creating a pull request?** **Q: Can I file an advisory without creating a pull request?**
A: Yes, instead of creating a full advisory yourself, you can also A: Yes, instead of creating a full advisory yourself, you can also
[open an issue on the advisory-db repo](https://github.com/RustSec/advisory-db/issues) [open an issue on the advisory-db repo](https://github.com/RustSec/advisory-db/issues).
or email information about the vulnerability to
[rustsec@googlegroups.com](mailto:rustsec@googlegroups.com).
**Q: Does this project have a GPG key or other means of handling embargoed vulnerabilities?** **Q: Does this project have a GPG key or other means of handling embargoed vulnerabilities?**