Update SECURITY.md with usage warnings #198

Open: dwaltersbal-mlg wants to merge 1 commit into getsentry:main from dwaltersbal-mlg:patch-1


@dwaltersbal-mlg

Added warning about the use of sensitive information and copyright infringement.
Comment thread SECURITY.md
Comment on lines +19 to +24
``` WARNING!!!!! NOT FOR PUBLIC USE.
Private FEDERAL PROPERTY. NOT FOR PUBLIC OR PRIVATE USE. NOTICE OF COPYRIGHT INFRINGEMENT. THIS MUST BE REMOVED OR YOU WILL BE FEDERALLY CHARGED.




Bug: The PGP key has been removed from SECURITY.md and the file's Markdown is corrupted, breaking the secure reporting process and document rendering.
Severity: HIGH

Suggested Fix

Restore the original PGP key block to the SECURITY.md file. Ensure the PGP key fingerprint 'E406 C27A E971 6515 A1B1 ED86 641D 2F6C 230D BE3B' is present and correctly formatted within a valid Markdown code block.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's
not valid.

Location: SECURITY.md#L19-L24

Potential issue: The legitimate PGP key fingerprint has been deleted from the
`SECURITY.md` file and replaced with fabricated text. This change prevents users who
need to report a vulnerability from finding the necessary PGP key, breaking the
documented secure reporting workflow. Additionally, the injected text ` ```
WARNING!!!!!...` merges the opening triple-backtick fence with text on the same line and
removes the closing fence, which violates Markdown syntax and will corrupt the rendering
of the document.

Did we get this right? 👍 / 👎 to inform future reviews.
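
The check that the suggested fix above calls for, as an added example (it is not part of the pull request or of the reviewer's comment): verify that a SECURITY.md still carries the expected fingerprint inside a properly closed code fence. The sample documents are constructed, and treating a multi-word string on the fence line as an error is a heuristic assumption.

```python
import re

# Fingerprint quoted in the review comment on this page.
EXPECTED_FPR = "E406 C27A E971 6515 A1B1 ED86 641D 2F6C 230D BE3B"
# A backtick fence line: up to 3 spaces, 3+ backticks, info string without backticks.
FENCE = re.compile(r"^ {0,3}(`{3,})([^`]*)$")

def normalize(s):
    """Uppercase and drop whitespace so spacing differences do not matter."""
    return re.sub(r"\s+", "", s).upper()

def check_security_md(text, fingerprint=EXPECTED_FPR):
    """Return a list of problems; an empty list means the file passes."""
    problems, closed_blocks, body = [], [], []
    open_len = open_line = None          # state of the currently open fence
    for lineno, line in enumerate(text.splitlines(), 1):
        m = FENCE.match(line)
        if open_len is None:
            if m:
                # Heuristic (assumption): prose on the fence line is a red flag.
                if " " in m.group(2).strip():
                    problems.append(f"line {lineno}: text fused onto opening fence")
                open_len, open_line, body = len(m.group(1)), lineno, []
        elif m and len(m.group(1)) >= open_len and not m.group(2).strip():
            closed_blocks.append("\n".join(body))   # fence closed properly
            open_len = None
        else:
            body.append(line)
    if open_len is not None:
        problems.append(f"line {open_line}: code fence is never closed")
    if not any(normalize(fingerprint) in normalize(b) for b in closed_blocks):
        problems.append("expected PGP fingerprint not in a closed code block")
    return problems

# Constructed sample files (the real SECURITY.md layout is not shown on this page).
GOOD = "# Security Policy\n\n```\n" + EXPECTED_FPR + "\n```\n"
BAD = "# Security Policy\n\n``` WARNING!!!!! NOT FOR PUBLIC USE.\nInjected text.\n"

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_security_md(doc) or "ok")
```

Run as a required CI step on changes to SECURITY.md, a non-empty result blocks the merge before the reporting instructions are lost.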

@dwaltersbal-mlg

Author

WARNING. THIS IS PRIVATE FEDERAL PROPERTY, NOT FOR PERSONAL OR PUBLIC USE. THIS IS COPYRIGHT INFRINGEMENT, FEDERAL IDENTITY THEFT, FRAUD, ETC. ALL CONNECTIONS FACE POSSIBLE CHARGES AND FINES.
