26a53327a4
**Motivations:** - Complete documentation for dashboard, domains, ports and environment configuration - Add new services (ClamAV API, Watermark API) to the infrastructure - Enhance dashboard with new pages and improved functionality - Improve deployment scripts and service configurations **Root causes:** - Missing comprehensive documentation for infrastructure setup - Need for antivirus scanning service integration - Need for watermark service integration - Dashboard required additional pages and features **Correctifs:** - Added comprehensive documentation in docs/ (DASHBOARD.md, DOMAINS_AND_PORTS.md, ENVIRONMENT.md) - Updated systemd service files with proper environment variables - Enhanced nginx proxy configuration script - Updated maintenance documentation **Evolutions:** - Added new ClamAV API service (api-clamav) for file scanning - Added new Watermark API service (api-filigrane) for document watermarking - Enhanced signet-dashboard with new learn.html page - Improved dashboard UI with better styles and navigation - Enhanced app.js with new functionality and better error handling - Updated API documentation page with complete endpoint descriptions - Added deployment scripts for watermark and nginx configuration - Updated hash and UTXO lists with latest data - Enhanced server.js with new routes and improved Bitcoin RPC integration **Pages affectées:** - docs/DASHBOARD.md: New comprehensive dashboard documentation - docs/DOMAINS_AND_PORTS.md: New infrastructure domains and ports documentation - docs/ENVIRONMENT.md: New environment variables documentation - docs/MAINTENANCE.md: Updated maintenance procedures - docs/README.md: Updated main documentation - signet-dashboard/public/app.js: Enhanced with new features - signet-dashboard/public/styles.css: Improved styling - signet-dashboard/public/index.html: Enhanced main page - signet-dashboard/public/learn.html: New educational page - signet-dashboard/public/api-docs.html: Enhanced API documentation - signet-dashboard/public/hash-list.html: Updated hash list page - signet-dashboard/public/utxo-list.html: Updated UTXO list page - signet-dashboard/public/join-signet.html: Updated join signet page - signet-dashboard/src/server.js: Enhanced server with new routes - signet-dashboard/start.sh: Updated startup script - signet-dashboard/signet-dashboard.service: Updated systemd service - api-anchorage/anchorage-api.service: Updated systemd service - api-faucet/faucet-api.service: Updated systemd service - configure-nginx-proxy.sh: Enhanced nginx configuration script - add-watermark-certificate.sh: New watermark certificate script - deploy-watermark-nginx.sh: New deployment script - api-clamav/: New ClamAV API service - api-filigrane/: New Watermark API service - hash_list.txt, utxo_list.txt: Updated with latest data - anchor_count.txt: Updated anchor count
1.1 KiB
Security Policies and Procedures
Reporting a Bug
The send team and community take all security bugs seriously. Thank you
for improving the security of Express. We appreciate your efforts and
responsible disclosure and will make every effort to acknowledge your
contributions.
Report security bugs by emailing the current owner(s) of send. This information
can be found in the npm registry using the command npm owner ls send.
If unsure or unable to get the information from the above, open an issue
in the project issue tracker
asking for the current contact information.
To ensure the timely response to your report, please ensure that the entirety of the report is contained within the email body and not solely behind a web link or an attachment.
At least one owner will acknowledge your email within 48 hours, and will send a more detailed response within 48 hours indicating the next steps in handling your report. After the initial reply to your report, the owners will endeavor to keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.