[RFC] disable private vulnerability reporting

6 views
Skip to first unread message

Jameson Nash

unread,
Mar 26, 2026, 4:51:06 PM (6 days ago) Mar 26
to libuv
The project is getting a deluge of private vulnerability reports, most of which are invalid, and a few of which should have just been normal bugs. I propose that we create a libuv-s...@googlegroups.com and disable the github offering, until such time as Github makes it possible to better triage vulnerability reports such as by demoting them into normal bugs more easily.

Thoughts?

-jameson

Ben Noordhuis

unread,
Mar 26, 2026, 6:34:39 PM (6 days ago) Mar 26
to li...@googlegroups.com
I think that's a very good idea.

Santiago Gimeno

unread,
Mar 27, 2026, 12:34:44 PM (5 days ago) Mar 27
to li...@googlegroups.com
Yes, please.

--
You received this message because you are subscribed to the Google Groups "libuv" group.
To unsubscribe from this group and stop receiving emails from it, send an email to libuv+un...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/libuv/CAHQurc8gYk2vhpVK7i0gaXcF6846rBDGsgc%2ByyZozyQcV9vTZg%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages