Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / securitytxt/security-txt issues and pull requests

#224 - RFC and Website should be consistent

Pull Request - State: open - Opened by JannisBush 30 days ago

#223 - Allow HTML

Issue - State: open - Opened by acjbizar about 2 months ago - 5 comments

#220 - Checksum, hashing and notification

Issue - State: open - Opened by Hyperpolymath 11 months ago - 2 comments

#218 - @sirathampitak

Issue - State: closed - Opened by tunsira almost 2 years ago

#217 - Clarification for Canonical field

Issue - State: closed - Opened by DigitalTrustCenter about 2 years ago - 2 comments

#216 - SSH signatures as an alternative to OpenPGP ones

Issue - State: open - Opened by Mikaela over 2 years ago - 3 comments
Labels: future work

#215 - This project appears dead, should someone fork it?

Issue - State: closed - Opened by grintor over 2 years ago - 3 comments

#214 - Specify allowed encryption schemes

Issue - State: open - Opened by technion about 3 years ago - 15 comments
Labels: ▶️ spec, ➡ Encryption:, future work

#213 - Scope field

Issue - State: open - Opened by nightwatchcyber about 3 years ago - 9 comments
Labels: future work

#212 - Use /.well-known/humans.txt URI instead?

Issue - State: closed - Opened by rugk about 3 years ago - 1 comment

#211 - Review my security.txt

Issue - State: closed - Opened by k0nsl over 3 years ago - 4 comments

#210 - Permitted values of Acknowledgments field?

Issue - State: closed - Opened by berkas1 over 3 years ago - 3 comments

#209 - Add a link to the human and machine readable security advisories

Issue - State: open - Opened by santosomar over 3 years ago - 7 comments
Labels: future work

#208 - Should the datetimes use an ISO8601 profile?

Issue - State: closed - Opened by edent over 3 years ago - 2 comments

#207 - Support distinct policies: bug bounty and external vuln disclosure

Issue - State: open - Opened by vladionescu over 3 years ago - 3 comments
Labels: future work

#206 - detached signatures (allow multiple people to sign the security.txt)

Issue - State: open - Opened by herbetom over 3 years ago
Labels: future work

#205 - Example of a signed "security.txt" file Header is Missing Hyphen

Issue - State: closed - Opened by theckman over 3 years ago - 1 comment
Labels: ▶️ spec

#204 - Consider clarifying whether Encryption should point directly to the key

Issue - State: closed - Opened by joker314 over 3 years ago - 1 comment
Labels: ▶️ spec, ➡ Encryption:

#203 - Remove demonstration for file system security.txt files

Pull Request - State: closed - Opened by joker314 over 3 years ago

#202 - Aligning ISO and CERT language with the draft

Issue - State: closed - Opened by nightwatchcyber over 3 years ago

#201 - Defer file systems work to future date

Issue - State: open - Opened by nightwatchcyber over 3 years ago - 3 comments
Labels: future work

#200 - Add "CSAF" field to find OASIS CSAF documents

Issue - State: closed - Opened by nightwatchcyber over 3 years ago - 10 comments
Labels: future work

#199 - Add differentiation between PSIRT and CERT contact

Issue - State: open - Opened by tschmidtb51 over 3 years ago - 2 comments
Labels: future work

#198 - Consider adding "Last Updated" field

Issue - State: closed - Opened by nightwatchcyber over 3 years ago - 1 comment
Labels: future work

#196 - Extension: security.txt in DNS

Issue - State: open - Opened by Addvilz about 4 years ago - 3 comments
Labels: future work

#195 - Add a ability to differentiate security contacts between parts of an application / scope of security.txt

Issue - State: open - Opened by spidererrol about 4 years ago - 1 comment
Labels: future work

#194 - Define if HTTP 30X redirect is allowed what constraints apply

Issue - State: closed - Opened by back2root about 4 years ago - 1 comment

#193 - Additional changes for last call feedback

Pull Request - State: closed - Opened by nightwatchcyber about 4 years ago

#192 - Last call changes

Pull Request - State: closed - Opened by nightwatchcyber about 4 years ago

#191 - Blank lines not covered by ABNF grammar?

Issue - State: closed - Opened by eikendev about 4 years ago - 9 comments
Labels: question

#190 - Last Call: Make Expires field mandatory + add guidance for value

Issue - State: closed - Opened by nightwatchcyber about 4 years ago - 1 comment
Labels: last-call

#189 - Last Call: Address AD feedback

Issue - State: closed - Opened by nightwatchcyber about 4 years ago - 1 comment
Labels: last-call

#188 - Add note regarding the well know namespace

Issue - State: closed - Opened by nightwatchcyber over 4 years ago - 1 comment
Labels: last-call

#187 - Preparing for draft-10

Pull Request - State: closed - Opened by nightwatchcyber over 4 years ago

#186 - Last changes before publishing new version

Pull Request - State: closed - Opened by nightwatchcyber over 4 years ago

#185 - Add language clarifying scope around product vulnerabilities

Issue - State: open - Opened by nightwatchcyber over 4 years ago - 4 comments
Labels: future work

#184 - Discuss embedding the file in desktop or mobile apps

Issue - State: open - Opened by nightwatchcyber over 4 years ago - 2 comments
Labels: future work

#183 - Last call changes

Pull Request - State: closed - Opened by nightwatchcyber over 4 years ago

#182 - Last call: Change language around "directive"

Issue - State: closed - Opened by nightwatchcyber over 4 years ago - 1 comment

#181 - Last Call: Consider adding expiration date field

Issue - State: closed - Opened by nightwatchcyber over 4 years ago - 1 comment

#180 - Last Call Feedback: SecDir review

Issue - State: closed - Opened by nightwatchcyber over 4 years ago - 1 comment

#179 - Last call feedback: S. Moonesamy

Issue - State: closed - Opened by nightwatchcyber over 4 years ago - 1 comment

#178 - Last Call: Consider a separate abuse contact

Issue - State: open - Opened by nightwatchcyber almost 5 years ago - 1 comment
Labels: future work

#177 - HTTPS MUST on IP addresses with certificate validation?

Issue - State: open - Opened by asbjornst almost 5 years ago - 1 comment
Labels: future work

#176 - URI and the percent-encoding

Issue - State: closed - Opened by bortzmeyer almost 5 years ago - 1 comment
Labels: ▶️ spec, ➡ Contact:

#175 - Last Call: Change title of the draft

Issue - State: closed - Opened by nightwatchcyber almost 5 years ago - 1 comment
Labels: last-call

#174 - ABNF: allow `line`s at the end of the file

Issue - State: closed - Opened by joker314 almost 5 years ago - 2 comments

#173 - Pre-09 prep

Pull Request - State: closed - Opened by nightwatchcyber almost 5 years ago

#172 - Final pre-08 updates

Pull Request - State: closed - Opened by nightwatchcyber almost 5 years ago

#171 - additional changes from AD feedback

Pull Request - State: closed - Opened by nightwatchcyber almost 5 years ago

#170 - generating txt and html

Pull Request - State: closed - Opened by nightwatchcyber almost 5 years ago

#169 - Remove repeated ABNF field name

Pull Request - State: closed - Opened by joker314 almost 5 years ago

#168 - More changes for #165

Pull Request - State: closed - Opened by nightwatchcyber almost 5 years ago

#167 - More changes to address AD feedback (#165)

Pull Request - State: closed - Opened by nightwatchcyber almost 5 years ago

#166 - Fix for #164

Pull Request - State: closed - Opened by nightwatchcyber almost 5 years ago

#165 - Address AD review feedback

Issue - State: closed - Opened by EdOverflow almost 5 years ago - 1 comment
Labels: ▶️ spec, ⛃ IETF

#164 - Consider noting whitespace in Preferred-Languages directive

Issue - State: closed - Opened by joker314 about 5 years ago - 4 comments

#163 - Avoid abuse of social media profile for responsible disclosure

Issue - State: closed - Opened by good-lly about 5 years ago - 4 comments

#162 - Starting drtaft -08

Pull Request - State: closed - Opened by nightwatchcyber about 5 years ago

#161 - draft version -07 submitted

Pull Request - State: closed - Opened by nightwatchcyber about 5 years ago

#160 - Fix for #158 and misc syntax fixes

Pull Request - State: closed - Opened by nightwatchcyber about 5 years ago

#159 - Minor fixes for #157

Pull Request - State: closed - Opened by nightwatchcyber over 5 years ago

#158 - dissociating comment from field

Issue - State: closed - Opened by Nick-Levinson over 5 years ago - 7 comments

#157 - 4 grammatical errors

Issue - State: closed - Opened by Nick-Levinson over 5 years ago - 2 comments

#156 - Github Security Policies

Issue - State: closed - Opened by breckwagner over 5 years ago - 2 comments

#155 - Changes for #152 and #143

Pull Request - State: closed - Opened by nightwatchcyber over 5 years ago - 1 comment

#154 - Updated correct link to IETF draft

Pull Request - State: closed - Opened by ghost over 5 years ago - 4 comments

#153 - Make Contact required by simplifying ABNF

Pull Request - State: closed - Opened by joker314 over 5 years ago - 2 comments

#152 - Make Contact required in the ABNF

Issue - State: closed - Opened by joker314 over 5 years ago - 4 comments
Labels: ▶️ spec, ➡ Contact:, § ABNF

#151 - Make changes to the ABNF grammar for non-chainable directives

Pull Request - State: closed - Opened by joker314 over 5 years ago - 2 comments

#150 - ABNF mishandles non-chainable fields

Issue - State: closed - Opened by joker314 over 5 years ago - 2 comments

#149 - Cutting -06 version

Pull Request - State: closed - Opened by nightwatchcyber over 5 years ago

#148 - Minor language fixes

Pull Request - State: closed - Opened by nightwatchcyber over 5 years ago

#147 - Changed "e-mail" to "email"

Pull Request - State: closed - Opened by nightwatchcyber over 5 years ago

#146 - Redirects and security considerations (#143 and #112)

Pull Request - State: closed - Opened by nightwatchcyber over 5 years ago - 2 comments

#145 - Fixing location language

Pull Request - State: closed - Opened by nightwatchcyber over 5 years ago

#143 - Add language to address redirects and edge cases

Issue - State: closed - Opened by nightwatchcyber over 5 years ago - 8 comments
Labels: ▶️ spec, § Security

#142 - Allow Wildcard Domains Like Certificates

Issue - State: closed - Opened by dezren39 over 5 years ago - 2 comments
Labels: ➡ New directive?, future work

#134 - Consider mandating encryption when "mailto" is used in the "Contact" field

Issue - State: closed - Opened by nightwatchcyber over 5 years ago - 3 comments
Labels: ➡ Contact:

#128 - Consider changing "Signature" to "Signature Type"

Issue - State: closed - Opened by nightwatchcyber about 6 years ago - 3 comments
Labels: ➡ Signature:, TODO

#126 - Force status codes of responses to be in 2xx range

Issue - State: closed - Opened by joker314 about 6 years ago - 5 comments
Labels: ▶️ spec

#123 - Specify allowed characters in comments

Issue - State: closed - Opened by joker314 about 6 years ago - 12 comments
Labels: § ABNF, TODO

#117 - mailto:[email protected]

Issue - State: closed - Opened by eludom about 6 years ago - 1 comment
Labels: future work

#112 - Create a threat model for security.txt.

Issue - State: closed - Opened by EdOverflow about 6 years ago - 8 comments
Labels: ▶️ spec, § Security, on hold

#104 - Linter / validator for RFC compliance and basic error checks?

Issue - State: open - Opened by anroots over 6 years ago - 10 comments
Labels: tools, on hold

#103 - Encryption and signature schemes not specified; hijacking

Issue - State: closed - Opened by tlhackque over 6 years ago - 4 comments
Labels: future work

#100 - security.txt signature should cover the URL

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 4 comments
Labels: ➡ Signature:, TODO

#99 - Adding Hiring field to the registry section

Pull Request - State: closed - Opened by nightwatchcyber over 6 years ago - 1 comment

#98 - Review RFC style guidelines to see if anything needs to change

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 2 comments
Labels: ▶️ spec, on hold

#97 - Add "Report-Abuse:" directive

Issue - State: closed - Opened by AlfredBerg over 6 years ago - 9 comments
Labels: ➡ New directive?

#96 - Pick an English spelling and stick to it.

Issue - State: closed - Opened by EdOverflow over 6 years ago - 2 comments
Labels: ▶️ website, ▶️ spec

#94 - Whether HTTPS be changed to MUST (instead of the current SHOULD)

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 2 comments
Labels: ▶️ spec

#93 - Define signature format

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 8 comments
Labels: ➡ New directive?, future work

#92 - Re-do the changes from the draft branch

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 2 comments
Labels: ▶️ spec

#91 - Figure out how to use DNS to secure the security.txt signature

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 7 comments
Labels: future work

#90 - Fixes for #82 which were done on the wrong branch

Pull Request - State: closed - Opened by nightwatchcyber over 6 years ago