doc: Improve security reporting guidelines

See #7524
author: Florian Bruhin <me@the-compiler.org> 2022-12-13 14:24:32 +0100
committer: Florian Bruhin <me@the-compiler.org> 2022-12-13 14:24:32 +0100
commit: 9bf258c8f8fa2c255be92535a64fd356146d8482 (patch)
tree: 90a4a3747a209cb1faee154775bf7041e38ecb24 /.github
parent: 5afc8a68191160f8d5c74b92874a0032d3c1996e (diff)
download: qutebrowser-9bf258c8f8fa2c255be92535a64fd356146d8482.tar.gz
qutebrowser-9bf258c8f8fa2c255be92535a64fd356146d8482.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
index 7df41b38e..a523b9bdb 100644
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -1 +1,4 @@
 Please report security bugs to [security@qutebrowser.org](mailto:security@qutebrowser.org).
+(or if GPG encryption is desired, contact me@the-compiler.org with GPG ID [0x916EB0C8FD55A072](https://www.the-compiler.org/pubkey.asc)).
+
+Alternatively, [report a vulnerability](https://github.com/qutebrowser/qutebrowser/security/advisories/new) via GitHub's [private reporting feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
author	Florian Bruhin <me@the-compiler.org>	2022-12-13 14:24:32 +0100
committer	Florian Bruhin <me@the-compiler.org>	2022-12-13 14:24:32 +0100
commit	9bf258c8f8fa2c255be92535a64fd356146d8482 (patch)
tree	90a4a3747a209cb1faee154775bf7041e38ecb24 /.github
parent	5afc8a68191160f8d5c74b92874a0032d3c1996e (diff)
download	qutebrowser-9bf258c8f8fa2c255be92535a64fd356146d8482.tar.gz qutebrowser-9bf258c8f8fa2c255be92535a64fd356146d8482.zip