author | Florian Dold <florian.dold@gmail.com> | 2016-11-03 01:33:53 +0100 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2016-11-03 01:33:53 +0100 |
commit | d1291f67551c58168af43698a359cb5ddfd266b0 (patch) | |
tree | 55a13ed29fe1915e3f42f1b1b7038dafa2e975a7 /node_modules/ws/SECURITY.md | |
parent | d0a0695fb5d34996850723f7d4b1b59c3df909c2 (diff) |
node_modules
Diffstat (limited to 'node_modules/ws/SECURITY.md')
-rw-r--r-- | node_modules/ws/SECURITY.md | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/node_modules/ws/SECURITY.md b/node_modules/ws/SECURITY.md new file mode 100644 index 000000000..fd8e07bc5 --- /dev/null +++ b/node_modules/ws/SECURITY.md @@ -0,0 +1,33 @@ +# Security Guidelines + +Please contact us directly at **security@3rd-Eden.com** for any bug that might +impact the security of this project. Please prefix the subject of your email +with `[security]` in lowercase and square brackets. Our email filters will +automatically prevent these messages from being moved to our spam box. + +You will receive an acknowledgement of your report within **24 hours**. + +All emails that do not include security vulnerabilities will be removed and +blocked instantly. + +## Exceptions + +If you do not receive an acknowledgement within the said time frame please give +us the benefit of the doubt as it's possible that we haven't seen it yet. In +this case please send us a message **without details** using one of the +following methods: + +- Contact the lead developers of this project on their personal e-mails. You + can find the e-mails in the git logs, for example using the following command: + `git --no-pager show -s --format='%an <%ae>' <gitsha>` where `<gitsha>` is the + SHA1 of their latest commit in the project. +- Create a GitHub issue stating contact details and the severity of the issue. + +Once we have acknowledged receipt of your report and confirmed the bug +ourselves we will work with you to fix the vulnerability and publicly acknowledge +your responsible disclosure, if you wish. In addition to that we will report +all vulnerabilities to the [Node Security Project](https://nodesecurity.io/). + +## History + +04 Jan 2016: [Buffer vulnerablity](https://github.com/websockets/ws/releases/tag/1.0.1) |
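Review bot: Nothing in the added node_modules/ws/SECURITY.md says which ws release is being vendored; the only version hint is the History entry on the last line (04 Jan 2016, linking release 1.0.1). Consider recording the pinned ws version in the commit message or a lockfile, so a reader can tell whether the vendored tree includes that fix. Separately, the first paragraph gives only a plain e-mail address for reports and no encryption key, and the last line spells "vulnerability" as "vulnerablity". Both are upstream text, so raise them with the ws project rather than editing the vendored copy.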