f24519787b
Added new documentation style, added Authentik & Authelia examples. THank you Hendrik & Ivan! --------- Co-authored-by: Hendrik Sievers <89412959+hendrik1120@users.noreply.github.com> Co-authored-by: Ivan Vasquez <ivanvasquezp@outlook.com>
15 lines
1.5 KiB
Markdown
15 lines
1.5 KiB
Markdown
# Reporting Security Issues
|
|
|
|
With the nature of the integration, security issues and bugs are taken very seriously. I appreciate your efforts to responsibly disclose your findings and I will acknowledge your finding in the security advisory and release notes of the release that fixes your vulnerability. Together, we will keep the Home Assistant community safe.
|
|
|
|
To report a security issue, please use the GitHub Security Advisory ["Report a Vulnerability"](https://github.com/christiaangoossens/hass-oidc-auth/security/advisories/new) tab. **Do not make a public issue for your security vulnerability!**
|
|
|
|
I (@christiaangoossens) will review security advisories regularly and send you a response indicating next steps in handling your report. This might include fixing the vulnerability before disclosing its nature, or working together in a private branch on a fix.
|
|
|
|
Please note that this repository is maintained on a volunteer basis, I will try to respond quickly, but no guarantees.
|
|
|
|
If your bug has to do with a third party package, please have it fixed there first, such that we can include a fixed version in an update of hass-oidc-auth.
|
|
If you found a security vulnerability in Home Assistant itself, please report it at https://www.home-assistant.io/security/
|
|
|
|
## Non qualifying vulnerabities
|
|
Some vulnerabilities do not qualify for fixing in a security patch. The Home Assistant team has made a list of them over at https://www.home-assistant.io/security/#non-qualifying-vulnerabilities. |