From c32427d0c1ac2c2a923243bf83db1e0fd703e788 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 5 Jun 2026 08:58:14 +0200 Subject: [PATCH] VULN-DISCLOSURE-POLICY.md: emphasize comm as a human Closes #21870 --- docs/VULN-DISCLOSURE-POLICY.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/VULN-DISCLOSURE-POLICY.md b/docs/VULN-DISCLOSURE-POLICY.md index 379a6d0da5..f999d48968 100644 --- a/docs/VULN-DISCLOSURE-POLICY.md +++ b/docs/VULN-DISCLOSURE-POLICY.md @@ -36,6 +36,13 @@ announcement. [HackerOne](https://hackerone.com/curl). Issues filed there reach a handful of selected and trusted people. +- When communicating in the curl project, please explain your issues or + improvements briefly and clearly in your own human voice. Do not lazily + paste massive, AI-generated explanations; as a contributor doing this + infrequently, it is your responsibility to invest a few extra minutes into + making your message digestible. The maintainers review submissions + constantly, and clear writing reduces their daily burden and friction. + - The curl project cannot handle vulnerability reports sent to us over email. We lose track of the reports. We cannot easily disclose them. Please do not send us reports over email.