mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-06-11 00:55:59 -04:00

Files

Alexandre Alapetite c5d3954989 Update security policy due to many duplicated AI reports (#8900 )

Inspired by <https://lkml.org/lkml/2026/5/17/896>

2026-06-01 01:33:32 +02:00

878 B

Raw Blame History

Security Policy

Reporting a Vulnerability

Draft a new security advisory online, or report security issues to alexandre@alapetite.fr (PGP public key if relevant).

AI-assisted security scanning

Include:

Which AI tool was used
Whether you are yourself a user of FreshRSS

Recommendations:

Check duplicates in existing public PRs, issues, discussions, documentation
Consider submitting a public PR if the vulnerability was mostly found by a public AI

Inspiration from https://lkml.org/lkml/2026/5/17/896:

AI detected bugs are pretty much by definition not secret, and treating them on some private list is a waste of time for everybody involved - and only makes that duplication worse because the reporters can't even see each other's reports.

878 B Raw Blame History

Security Policy

Reporting a Vulnerability

AI-assisted security scanning

878 B

Raw Blame History