Make security policy more prominent in docs

[ci skip]
author: Jon Moss <me@jonathanmoss.me> 2017-02-23 18:34:26 -0500
committer: Jon Moss <me@jonathanmoss.me> 2017-02-23 18:36:21 -0500
commit: 4ed704740b7ccc8ac9cfb7b5ec62d55ac178ec97 (patch)
tree: 9d82b2034ca7b69a1293fa5207f3b8d78182e693 /CONTRIBUTING.md
parent: 2202e81312c28c6600297bda9a66534b22f70853 (diff)
download: rails-4ed704740b7ccc8ac9cfb7b5ec62d55ac178ec97.tar.gz
rails-4ed704740b7ccc8ac9cfb7b5ec62d55ac178ec97.tar.bz2
rails-4ed704740b7ccc8ac9cfb7b5ec62d55ac178ec97.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index f6ebef7e89..b44486c75a 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -2,6 +2,9 @@
 
 #### **Did you find a bug?**
 
+* **Do not open up a GitHub issue if the bug is a security vulnerability
+  in Rails**, and instead to refer to our [security policy](http://rubyonrails.org/security/).
+
 * **Ensure the bug was not already reported** by searching on GitHub under [Issues](https://github.com/rails/rails/issues).
 
 * If you're unable to find an open issue addressing the problem, [open a new one](https://github.com/rails/rails/issues/new). Be sure to include a **title and clear description**, as much relevant information as possible, and a **code sample** or an **executable test case** demonstrating the expected behavior that is not occurring.
author	Jon Moss <me@jonathanmoss.me>	2017-02-23 18:34:26 -0500
committer	Jon Moss <me@jonathanmoss.me>	2017-02-23 18:36:21 -0500
commit	4ed704740b7ccc8ac9cfb7b5ec62d55ac178ec97 (patch)
tree	9d82b2034ca7b69a1293fa5207f3b8d78182e693 /CONTRIBUTING.md
parent	2202e81312c28c6600297bda9a66534b22f70853 (diff)
download	rails-4ed704740b7ccc8ac9cfb7b5ec62d55ac178ec97.tar.gz rails-4ed704740b7ccc8ac9cfb7b5ec62d55ac178ec97.tar.bz2 rails-4ed704740b7ccc8ac9cfb7b5ec62d55ac178ec97.zip