~ajhalili2006's personal website, built with Zensical (successor of Material for Mkdocs) [old repo name got bugged while attempting to do manual knot migration via repo deletion]
andreijiroh.dev
andreijiroh.dev
zensical
mkdocs-material
website
1# Security related communications
2
3[Go back to main contact page](./index.md){ .md-button }
4
5---
6
7Please consult [my general security policy](../security.md) and any project
8or org/project-specific policies (via its own `SECURITY.md` file) before proceeding here.
9Otherwise, you'll be ignored at best or blocked/muted and reported as spam at worst.
10
11## Looking for PGP and SSH keys?
12
13If you're looking for my PGP and SSH keys I use in commits and connecting to machines and code forges
14over SSH, please [visit this page](../keys/index.md).
15
16## Security questions
17
18I am not a cybersecurity person or have expertise in cryptography, so sorry if I can't reply to you.
19I may redirect you to resources or give advice as my capacity allow.
20
21## Submitting security patches
22
23If you also want to submit a security patch, which I appreciate your effort as a maintainer, please DO NOT mention about the vulnerability
24within the patch (unless via these methods below).
25
26### via email
27
28Please send security patches at [`~ajhalili2006/security@lists.sr.ht`](mailto:~ajhalili2006/security@lists.sr.ht)
29instead of the public inbox if you using email to submit patches. Access to the mailing list
30archives is limited to few trusted people alongside myself.
31
32### as confidential GitLab merge request
33
34When submitting a security-sensitive patch in GitLab, don't forget to mark it as
35confidential merge request or request to access to security patches-only private fork.
36[See GitLab Docs for details](https://docs.gitlab.com/ee/user/project/merge_requests/confidential.html).
37
38### in GitHub private vulnerability reports
39
40On projects with private vulnerability reporting enabled, after submitting your report,
41you can push your patches to a private fork specific to that report.
42
43## Notifying regarding data leaks
44
45
46
47## See also
48
49* [Encrypted Communications](../user-manual/encrypted-communications.md) for additional guidance
50regarding using PGP and EE2E chat over Matrix