about summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--.github/CODEOWNERS32
-rw-r--r--.github/FUNDING.yml2
-rw-r--r--.github/ISSUE_TEMPLATE/2.feature_request.yml1
-rw-r--r--.github/ISSUE_TEMPLATE/3.support.md10
-rw-r--r--.github/ISSUE_TEMPLATE/config.yml7
-rw-r--r--SECURITY.md18
6 files changed, 19 insertions, 51 deletions
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
deleted file mode 100644
index fd6f74689..000000000
--- a/.github/CODEOWNERS
+++ /dev/null
@@ -1,32 +0,0 @@
-# CODEOWNERS for mastodon/mastodon
-
-# Translators
-# To add translator, copy these lines, replace `fr` with appropriate language code and replace `@żelipapą` with user's GitHub nickname preceded by `@` sign or e-mail address.
-# /app/javascript/mastodon/locales/fr.json @żelipapą
-# /app/views/user_mailer/*.fr.html.erb @żelipapą
-# /app/views/user_mailer/*.fr.text.erb @żelipapą
-# /config/locales/*.fr.yml @żelipapą
-# /config/locales/fr.yml @żelipapą
-
-# Polish
-/app/javascript/mastodon/locales/pl.json @m4sk1n
-/app/views/user_mailer/*.pl.html.erb @m4sk1n
-/app/views/user_mailer/*.pl.text.erb @m4sk1n
-/config/locales/*.pl.yml @m4sk1n
-/config/locales/pl.yml @m4sk1n
-
-# French
-/app/javascript/mastodon/locales/fr.json @aldarone
-/app/javascript/mastodon/locales/whitelist_fr.json @aldarone
-/app/views/user_mailer/*.fr.html.erb @aldarone
-/app/views/user_mailer/*.fr.text.erb @aldarone
-/config/locales/*.fr.yml @aldarone
-/config/locales/fr.yml @aldarone
-
-# Dutch
-/app/javascript/mastodon/locales/nl.json @jeroenpraat
-/app/javascript/mastodon/locales/whitelist_nl.json @jeroenpraat
-/app/views/user_mailer/*.nl.html.erb @jeroenpraat
-/app/views/user_mailer/*.nl.text.erb @jeroenpraat
-/config/locales/*.nl.yml @jeroenpraat
-/config/locales/nl.yml @jeroenpraat
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
index 9526e17db..be750a5e4 100644
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1,3 +1,3 @@
 patreon: mastodon
 open_collective: mastodon
-github: [Gargron]
+custom: https://sponsor.joinmastodon.org
diff --git a/.github/ISSUE_TEMPLATE/2.feature_request.yml b/.github/ISSUE_TEMPLATE/2.feature_request.yml
index 00aad1341..6626c2876 100644
--- a/.github/ISSUE_TEMPLATE/2.feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/2.feature_request.yml
@@ -1,5 +1,6 @@
 name: Feature Request
 description: I have a suggestion
+labels: suggestion
 body:
   - type: markdown
     attributes:
diff --git a/.github/ISSUE_TEMPLATE/3.support.md b/.github/ISSUE_TEMPLATE/3.support.md
deleted file mode 100644
index e2217da8b..000000000
--- a/.github/ISSUE_TEMPLATE/3.support.md
+++ /dev/null
@@ -1,10 +0,0 @@
----
-name: Support
-about: Ask for help with your deployment
-title: DO NOT CREATE THIS ISSUE
----
-
-We primarily use GitHub as a bug and feature tracker. For usage questions, troubleshooting of deployments and other individual technical assistance, please use one of the resources below:
-
-- https://discourse.joinmastodon.org
-- #mastodon on irc.freenode.net
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index 768868516..7c0dbaf67 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,5 +1,8 @@
 blank_issues_enabled: false
 contact_links:
-  - name: Mastodon Meta Discussion Board
-    url: https://discourse.joinmastodon.org/
+  - name: GitHub Discussions
+    url: https://github.com/mastodon/mastodon/discussions
     about: Please ask and answer questions here.
+  - name: Bug Bounty Program
+    url: https://app.intigriti.com/programs/mastodon/mastodonio/detail
+    about: Please report security vulnerabilities here.
diff --git a/SECURITY.md b/SECURITY.md
index 9d351fce6..5531a306e 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,13 +1,19 @@
 # Security Policy
 
+If you believe you've identified a security vulnerability in Mastodon (a bug that allows something to happen that shouldn't be possible), you should submit the report through our [Bug Bounty Program][bug-bounty]. Alternatively, you can reach us at <hello@joinmastodon.org>.
+
+You should *not* report such issues on GitHub or in other public spaces to give us time to publish a fix for the issue without exposing Mastodon's users to increased risk.
+
+## Scope
+
+A "vulnerability in Mastodon" is a vulnerability in the code distributed through our main source code repository on GitHub. Vulnerabilities that are specific to a given installation (e.g. misconfiguration) should be reported to the owner of that installation and not us.
+
 ## Supported Versions
 
 | Version | Supported          |
 | ------- | ------------------ |
-| 3.4.x   | :white_check_mark: |
-| 3.3.x   | :white_check_mark: |
-| < 3.3   | :x:                |
-
-## Reporting a Vulnerability
+| 3.4.x   | Yes                |
+| 3.3.x   | Yes                |
+| < 3.3   | No                 |
 
-hello@joinmastodon.org
+[bug-bounty]: https://app.intigriti.com/programs/mastodon/mastodonio/detail