How-tos for reporting and fixing vulnerabilities
Learn how to establish security policies and enable private channels for reporting vulnerabilities in your repository.
Adding a security policy to your repository
You can give instructions for how to report a security vulnerability in your project by adding a security policy to your repository.
Configuring private vulnerability reporting for a repository
Owners and administrators of public repositories can allow security researchers to report vulnerabilities securely in the repository by enabling private vulnerability reporting.