chore: create security.txt (#878)

Adding a security.txt file enables security researchers to quickly and easily see where they can submit security issues and know that they are being taken serious. From the proposal website: > "When security risks in web services are discovered by independent security researchers who understand the severity of the risk, they often lack the channels to disclose them properly. As a result, security issues may be left unreported. security.txt defines a standard to help organizations define the process for security researchers to disclose security vulnerabilities securely.” See also https://securitytxt.org
2025-11-19 11:12:06 +10:00 · 2024-02-16 12:34:41 +11:00
parent fe2093fe7c 3e12a05ab8
commit e5f4edc120
8 changed files with 54 additions and 56593 deletions
--- a/apps/marketing/public/.well-known/security.txt
+++ b/apps/marketing/public/.well-known/security.txt
@ -0,0 +1,7 @@
+# General Issues
+Contact: https://github.com/documenso/documenso/issues/new?assignees=&labels=bug&projects=&template=bug-report.yml
+
+# Report critical issues privately to let us take appropriate action before publishing.
+Contact: mailto:security@documenso.com
+Preferred-Languages: en
+Canonical: https://documenso.com/.well-known/security.txt
--- a/apps/marketing/public/pdf.worker.min.js
+++ b/apps/marketing/public/pdf.worker.min.js
--- a/apps/web/public/.well-known/security.txt
+++ b/apps/web/public/.well-known/security.txt
@ -0,0 +1,7 @@
+# General Issues
+Contact: https://github.com/documenso/documenso/issues/new?assignees=&labels=bug&projects=&template=bug-report.yml
+
+# Report critical issues privately to let us take appropriate action before publishing.
+Contact: mailto:security@documenso.com
+Preferred-Languages: en
+Canonical: https://documenso.com/.well-known/security.txt