upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-03 20:41:22 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

Merge pull request #45240 from nextcloud/jtr/issue-template-security-redirect

Browse source 
fix(issue_template): Add security reporting redirect to bug report form
This commit is contained in:
Andy Scherzinger 2024-05-10 11:06:58 +02:00 committed by GitHub
commit 3669608b23
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 14 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
.github/ISSUE_TEMPLATE/BUG_REPORT.yml vendored
View file

@ -1,4 +1,4 @@
name: "Bug report: Nextcloud Server"
name: "🐛 Bug report: Nextcloud Server"
description: "Submit a report and help us improve Nextcloud Server"
title: "[Bug]: "
labels: ["bug", "0. Needs triage"]
@ -9,6 +9,14 @@ body:
### 👍 Thank you for contributing to our project!
Please note this is a **free and open-source** project. Most people take on their own time to help you, so please, be patient.
You can obtain [Enterprise support](https://nextcloud.com/support/) if you run Nextcloud Server in a mission critical environment.
- type: markdown
attributes:
value: |
### 🚨 SECURITY INFO
If you are reporting a security concern, please report it via [our HackerOne page](https://hackerone.com/nextcloud) instead and review our [security policy](https://nextcloud.com/security/).
This allows us to coordinate the fix and release without potentially exposing all Nextcloud servers and users in the meantime.
It also may qualify your report for a bug bounty reward.
Thank you for helping make Nextcloud more secure!
- type: checkboxes
id: before-posting
attributes:
@ -38,7 +46,7 @@ body:
label: Steps to reproduce
description: |
Describe the steps to reproduce the bug.
The better your description is _(go 'here', click 'there'...)_ the fastest you'll get an _(accurate)_ answer.
The better your description is _(go 'here', click 'there'...)_ the fastest you'll get an _(accurate)_ answer.
value: |
1.
2.
@ -197,7 +205,7 @@ body:
Provide Nextcloud Signing status.
First, login as Admin user into your Nextcloud, then access this URL:
```shell
https://yournextcloud.tld/index.php/settings/integrity/failed
https://yournextcloud.tld/index.php/settings/integrity/failed
```
> NOTE: This will be automatically formatted into code for better readability.
render: shell

4
.github/ISSUE_TEMPLATE/config.yml vendored
View file

@ -1,5 +1,7 @@
blank_issues_enabled: false
contact_links:
- name: 🚨 Report a security or privacy issue
url: https://hackerone.com/nextcloud
about: Report security and privacy related issues privately to the Nextcloud team, so we can coordinate the fix and release without potentially exposing all Nextcloud servers and users in the meantime.
- name: ❓ Community Support and Help
url: https://help.nextcloud.com/
about: Configuration, webserver/proxy or performance issues and other questions