Updated all links to use https://www.authelia.com/docs/. Removed all comment sections from documented configuration on the documentation site and replaced them with their own sections. Made all documentation inside config.template.yml double hashes, and made all commented configuration sections single quoted. Added .yamllint.yaml to express our desired YAML styles. Added a style guide. Refactored many documentation areas to be 120 char widths where possible. It's by no means exhaustive but is a large start. Added a statelessness guide for the pending Kubernetes chart introduction. Added labels to configuration documentation and made many areas uniform.
1.6 KiB
Security
Authelia takes security very seriously. We follow the rule of responsible disclosure, and we encourage the community to as well.
If you discover a vulnerability in Authelia, please first contact one of the maintainers privately either via Matrix or email as described in the contact options below.
For details about security measures implemented in Authelia, please follow this link and for reading about the threat model follow this link.
Contact Options
Matrix
Join the Matrix Room and locate one of the maintainers. You can identify them as they are the room administrators. Alternatively you can just ask for one of the maintainers. Once you've made contact we ask you privately message the maintainer to communicate the vulnerability.
Discord
Join the Discord Server and message the #support chat which links to Matrix and contact a maintainer.
You can contact any of the maintainers for security vulnerability related issues by emailing security@authelia.com. This email is strictly reserved for security and vulnerability disclosure related matters. If you need to contact us for another reason please use Matrix or team@authelia.com.