spearbit-audits/audit-template

Template for Security Reviews

This is the Spearbit template repository for security reviews.

Create GitHub issues with the finding.md template and use the appropriate severity labels (see below).

  • Inside the ISSUE_TEMPLATE, change the [PROJECT]: name to the client's name accordingly.

  • Please run the create-labels.py script locally when preparing the audit repository. It removes GitHub's default labels and introduces custom ones to improve the auditors' workflow.

Workflow

  • Leave initial comments / findings on the GitHub pull requests. This can be used to collaboratively discuss among the security review team and the client asynchronously.

  • Once a finding from a pull request review is finalized, it can be converted into a GitHub issue with the following tags:

    1. Severity: Critical Risk.
    2. Severity: High Risk.
    3. Severity: Medium Risk.
    4. Severity: Low Risk.
    5. Severity: Gas Optimization.
    6. Severity: Informational.
    7. Status: Acknowledged.
    8. Status: Fixed.
    9. Status: ReadyForReport.

    Severity level     | Impact: High | Impact: Medium | Impact: Low
    Likelihood: High   | Critical     | High           | Medium
    Likelihood: Medium | High         | Medium         | Low
    Likelihood: Low    | Medium       | Low            | Low

  • These issues should then be polished and properly typeset. This task is mainly aimed at non-lead security researchers and apprentices in the project. Please follow the style guidelines.
