Skip to content

Security: freight-trust/webapp

Security

.github/SECURITY.md

Freight Trust Corporate Security Policy

Reporting a Security Bug

If you think you have discovered a security issue in any of our products, services or projects, we'd love to hear from you. We will take all security bugs seriously and if confirmed upon investigation we will patch it within a reasonable amount of time and release a public security bulletin discussing the impact and credit the discoverer.

There are two ways to report a security bug. The easiest is to email a description of the flaw and any related information (e.g. reproduction steps, version) to security at freighttrust dot org.

The other way is to file a security bug in our Infrastructure Repostiory. Be sure to set the “Security Level” to “Security issue”.

Corporate Procedures

The process by which the Corporate Security Team handles security bugs is documented further in our Defect Response page on our Omnibus Documentation.

PKI & PGP

PKI & PGP Keys can be found at github/freight-trust/pki

Points of Contact

[email protected] [email protected] [email protected]

There aren’t any published security advisories