ben/upskill-event-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
upskill-event-manager/wordpress-dev/wordpress/wp-content/plugins/astra-addon/SECURITY.md
bengizmo d1509b3d60 feat(dev-env): implement backup-based development workflow 
This commit introduces a more reliable and consistent approach to setting up
the development environment using backups:

- Add setup-from-backup.sh script for environment setup from existing backups
- Standardize script naming and organization
- Move obsolete scripts to bin/obsolete directory
- Update documentation with new workflow instructions
- Create migration guide for transitioning to new workflow
- Update Memory Bank with workflow improvements

The new workflow provides:
- More reliable environment setup
- Faster setup process
- Offline development capability
- Consistent development environments across team members

Breaking changes:
- setup-dev.sh is replaced by setup-from-backup.sh
- sync-and-setup.sh is replaced by separate scripts
- verify-with-wpcli.sh is no longer used

Migration path is documented in MIGRATION_GUIDE.md
2025-03-26 11:26:18 -03:00

1.6 KiB
Raw Blame History

Security Policy

Thank you for your interest in helping us improve the security of our open source products, websites and other properties.

We have created this Bug Bounty program to appreciate and reward your efforts.

Reporting a Vulnerability

Please report (suspected) security vulnerabilities to support+security@bsf.io. You will receive a response from us within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.

We have a bug bounty program too which gives people guidelines on how a report should be reported and how we can reward them for proper reporting.

If our team cannot reproduce and verify an issue, a bounty cannot be awarded. To help streamline our intake process, we ask that submissions include:

  • Description of the vulnerability
  • Steps to reproduce the reported vulnerability
  • Proof of exploitability (e.g. screenshot, video)
  • Perceived impact to another user or the organization
  • Proposed CVSSv3 Vector & Score (without environmental and temporal modifiers)
  • List of URLs and affected parameters
  • Other vulnerable URLs, additional payloads, Proof-of-Concept code
  • Browser, OS and/or app version used during testing
  • Impact of the bug

Security reports should be sent to support+security@bsf.io

For more details, please visit this page.

Once again, thank you for helping us improve security. We really appreciate it.