chore: Sync with WeblateOrg/meta

WeblateOrg · Jan 15, 2025 · d25d107 · d25d107
1 parent f713b32
commit d25d107
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 4 deletions.
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -19,6 +19,11 @@
       "^requirements-.*\\.txt$"
     ]
   },
+  "pep723": {
+    "fileMatch": [
+      "scripts/.*"
+    ]
+  },
   "packageRules": [
     {
       "matchDatasources": [

diff --git a/SECURITY.md b/SECURITY.md
@@ -12,9 +12,18 @@ The Weblate team takes security and related transparency very seriously.
 We welcome any peer review of our 100% open-source code to ensure nobody's Weblate
 is ever compromised or hacked.
 
-Information about practices for reporting and fixing security issues is described
-in [our documentation][1] and on [our page at HackerOne][2]. This ensures all
-vulnerabilities are solved securely, quickly, and transparently.
+If you think you have identified a security issue with a Weblate project, **do
+not open a public issue**.
+
+To responsibly report a security issue, please navigate to the Security tab for
+the repository and click “Report a vulnerability”.
+
+Be sure to include as much detail as necessary in your report. As with
+reporting normal issues, a minimal reproducible example will help the
+maintainers address the issue faster.
+
+More information about practices for reporting and fixing security issues is
+described in [our documentation][1]. This ensures all vulnerabilities are
+solved securely, quickly, and transparently.
 
 [1]: https://docs.weblate.org/en/latest/contributing/issues.html#security
-[2]: https://hackerone.com/weblate