chore: housekeeping — linter & formatter setup
Add .prettierrc.json, .markdownlint.json, .yamllint.yaml, .gitattributes Run CSharpier, Prettier and markdownlint across the entire codebase. No logic changes — formatting, using order and line endings only.
This commit is contained in:
+11
-17
@@ -2,9 +2,8 @@
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
If you find a security issue in HellionChat, please do not open a
|
||||
public Gitea issue. Use one of the private channels below so I can
|
||||
investigate and ship a fix before the details go public.
|
||||
If you find a security issue in HellionChat, please do not open a public Gitea issue. Use one of the private channels
|
||||
below so I can investigate and ship a fix before the details go public.
|
||||
|
||||
**Preferred:**
|
||||
|
||||
@@ -13,8 +12,7 @@ investigate and ship a fix before the details go public.
|
||||
| Email | `kontakt@hellion-media.de` |
|
||||
| Discord DM | `@j.j_kazama` |
|
||||
|
||||
For urgent disclosures (active exploitation, user-data exposure) email
|
||||
is the fastest path.
|
||||
For urgent disclosures (active exploitation, user-data exposure) email is the fastest path.
|
||||
|
||||
I respond on weekdays during European business hours.
|
||||
|
||||
@@ -22,8 +20,7 @@ I respond on weekdays during European business hours.
|
||||
|
||||
### In scope
|
||||
|
||||
- Code paths that touch user-controlled input (chat messages, plugin
|
||||
config, file paths the user can influence)
|
||||
- Code paths that touch user-controlled input (chat messages, plugin config, file paths the user can influence)
|
||||
- The privacy filter in `MessageStore.cs` and the export pipeline
|
||||
- The configuration migration logic
|
||||
- The `EmoteCache` HTTP client and path handling
|
||||
@@ -31,21 +28,18 @@ I respond on weekdays during European business hours.
|
||||
|
||||
### Out of scope
|
||||
|
||||
- Issues in upstream Chat 2 that HellionChat has not modified — report
|
||||
those at <https://github.com/Infiziert90/ChatTwo/issues>
|
||||
- Issues in Dalamud itself — those go to
|
||||
<https://github.com/goatcorp/Dalamud>
|
||||
- Issues in upstream Chat 2 that HellionChat has not modified — report those at
|
||||
<https://github.com/Infiziert90/ChatTwo/issues>
|
||||
- Issues in Dalamud itself — those go to <https://github.com/goatcorp/Dalamud>
|
||||
- Issues in the FFXIV game client
|
||||
- Anything that requires the user to install a malicious plugin first
|
||||
|
||||
## Disclosure Window
|
||||
|
||||
I aim to ship a fix within 14 days for high-severity issues and within
|
||||
30 days for everything else. If a fix needs more time I will say so in
|
||||
the private thread.
|
||||
I aim to ship a fix within 14 days for high-severity issues and within 30 days for everything else. If a fix needs more
|
||||
time I will say so in the private thread.
|
||||
|
||||
## Credits
|
||||
|
||||
Everyone who reports a real issue gets listed in the changelog of the
|
||||
release that fixes it, unless they prefer to stay anonymous. No bug
|
||||
bounty, nothing financial — this is a hobby plugin.
|
||||
Everyone who reports a real issue gets listed in the changelog of the release that fixes it, unless they prefer to stay
|
||||
anonymous. No bug bounty, nothing financial — this is a hobby plugin.
|
||||
|
||||
Reference in New Issue
Block a user