VULN-DISCLOSURE-POLICY.md: emphasize comm as a human

Closes #21870
This commit is contained in:
Daniel Stenberg 2026-06-05 08:58:14 +02:00
parent 3d721a1d41
commit c32427d0c1
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2

View file

@ -36,6 +36,13 @@ announcement.
[HackerOne](https://hackerone.com/curl). Issues filed there reach a handful
of selected and trusted people.
- When communicating in the curl project, please explain your issues or
improvements briefly and clearly in your own human voice. Do not lazily
paste massive, AI-generated explanations; as a contributor doing this
infrequently, it is your responsibility to invest a few extra minutes into
making your message digestible. The maintainers review submissions
constantly, and clear writing reduces their daily burden and friction.
- The curl project cannot handle vulnerability reports sent to us over email.
We lose track of the reports. We cannot easily disclose them. Please do not
send us reports over email.