Add security email for sensitive reports

8 years ago · 30e8845b1e
parent 8ad6385ffb
commit 30e8845b1e
2 changed files with 10 additions and 0 deletions
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@ -21,6 +21,11 @@ If your issue involves installing, updating or resolving dependencies, the
 chance of us being able to reproduce your issue will be much higher if you
 share your `composer.json` with us.

+Security Reports
+----------------
+
+Please send any sensitive issue to [security@packagist.org](mailto:security@packagist.org). Thanks!
+
 Installation from Source
 ------------------------

--- a/README.md
+++ b/README.md
@ -47,6 +47,11 @@ Authors

 See also the list of [contributors](https://github.com/composer/composer/contributors) who participated in this project.

+Security Reports
+----------------
+
+Please send any sensitive issue to [security@packagist.org](mailto:security@packagist.org). Thanks!
+
 License
 -------