From cd6bc958c662e6681cb110a8dcfd31dcb256a0b5 Mon Sep 17 00:00:00 2001 From: Julien Danjou Date: Thu, 28 Sep 2023 09:01:28 +0200 Subject: [PATCH] docs(security): add bug bounty (#2319) Change-Id: I74b81542fe941c20cd709eda70ee55ba4ba8d480 --- src/content/security.mdx | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/content/security.mdx b/src/content/security.mdx index 97acbc31ab..59b4c0236e 100644 --- a/src/content/security.mdx +++ b/src/content/security.mdx @@ -4,6 +4,7 @@ description: Learn more about Mergify security obsession. --- import { Button, ButtonGroup, Table, Tbody, Td, Th, Thead, Tr } from '@chakra-ui/react'; +import { PrimaryLink } from '../components/RelativeLink'; At Mergify, security is of utmost importance to us. We understand the crucial role we play in the software development process and are fully committed to @@ -31,6 +32,17 @@ prioritize your trust. Click the button above to access our Trust Report page, where you will find in-depth information on our security measures and our ongoing commitment to protecting your data. +## Bug Bounty Program + +Mergify hosts its private Bug Bounty program with HackerOne. If you’re an +independent security expert or researcher and believe you’ve discovered a +security-related issue on our platform, we appreciate you disclosing the issue +to us responsibly, and thank you for your time and expertise. + +If you want to participate in our private Bug Bounty Program, send us an email +at security@mergify.com +with your HackerOne username or the email you want an invitation for. + ## Required Permissions Below is the list of the required permission on GitHub for