From 30ade1ea0b6de3b634283bd3741b49abf37f9bf0 Mon Sep 17 00:00:00 2001
From: Gusted <postmaster@gusted.xyz>
Date: Sat, 5 Aug 2023 21:58:30 +0200
Subject: [PATCH] [BRANDING] security.txt

- The [security.txt](https://securitytxt.org/) is a standardized file to
help with reporting security vulnerabilities, by having the most essential
information served at `.well-known/security.txt`.
- Brand this file to point to the Forgejo security team.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1192

(cherry picked from commit 7ca1d0ec87bc23881f59ce3ea04390bf508ec0fa)
(cherry picked from commit ba974b016199cd279b8c7aca76a936910e9f4d69)
(cherry picked from commit 966fbcdcfdc8027aa31fe46eafa229854fe120ad)
(cherry picked from commit 8b9efebc6e5a211b64b003284bf3bb8c66c85662)
(cherry picked from commit 91b1c84c1873b6e07ff7e700429a4fc6f6c1e3bf)
---
 public/.well-known/security.txt | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/public/.well-known/security.txt b/public/.well-known/security.txt
index 2cae3cbea4..f301a00542 100644
--- a/public/.well-known/security.txt
+++ b/public/.well-known/security.txt
@@ -1,6 +1,8 @@
-# This site is running a Gitea instance.
-# Gitea related security problems could be reported to Gitea community.
-# Site related security problems should be reported to this site's admin.
-Contact: https://github.com/go-gitea/gitea/blob/main/SECURITY.md
-Policy: https://github.com/go-gitea/gitea/blob/main/SECURITY.md
+# This site is running a Forgejo instance.
+# Forgejo-related security problems should be reported to the Forgejo security team.
+# Site-related security problems should be reported to this site's admin.
+Policy: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/CONTRIBUTING.md
+Contact: mailto:security@forgejo.org
+Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/1B638BDF10969D627926B8D9F585D0F99E1FB56F
 Preferred-Languages: en
+Expires: 2025-06-25T00:00:00Z