Add bug bounty response and respect rules #461
Pull request overview
This PR adds a new "Response Time and Respect" section to the bug bounty page, establishing clear rules about response times and anti-spam policies for security researchers submitting bug bounty reports.
Changes:
- Added new section to bug bounty page with conduct rules and response time expectations
- Introduced 6 new i18n message keys (title, intro, and 4 rules) across all language files
- Positioned the new section between the "Important" note and "How to Report" section
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 8 comments.
| File | Description |
|---|---|
| src/pages/bug-bounty.astro | Added new conduct section with title, intro paragraph, and 4 rules using proper i18n message key references |
| messages/en.json | Added 6 new English message keys for conduct section content |
| messages/de.json | Added 6 new message keys (currently in English, need German translation) |
| messages/es.json | Added 6 new message keys (currently in English, need Spanish translation) |
| messages/fr.json | Added 6 new message keys (currently in English, need French translation) |
| messages/id.json | Added 6 new message keys (currently in English, need Indonesian translation) |
| messages/it.json | Added 6 new message keys (currently in English, need Italian translation) |
| messages/ja.json | Added 6 new message keys (currently in English, need Japanese translation) |
| messages/ko.json | Added 6 new message keys (currently in English, need Korean translation) |
| messages/zh.json | Added 6 new message keys (currently in English, need Chinese translation) |
| "bug_bounty_conduct_title": "Response Time and Respect", | ||
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | ||
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | ||
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | ||
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | ||
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", |
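Review bot: bug_bounty_conduct_rule_2 sets a hard limit ("More than three emails in a single day is considered spam and will be blocked") with no carve-out for follow-ups the team itself asks for, so a researcher answering triage questions on a valid report could trip it and, under bug_bounty_conduct_rule_3, lose payment. Suggest scoping the limit to unsolicited messages. In bug_bounty_conduct_rule_1, "within 24-72 hours" should also say whether the clock covers first acknowledgement or a triage decision.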
Copilot
AI
Feb 4, 2026
The new message keys contain English text in a Chinese (zh) locale file. These messages should be translated to Chinese to maintain consistency with the rest of the file where other bug_bounty messages are properly localized. The following keys need translation:
- bug_bounty_conduct_title
- bug_bounty_conduct_intro
- bug_bounty_conduct_rule_1
- bug_bounty_conduct_rule_2
- bug_bounty_conduct_rule_3
- bug_bounty_conduct_rule_4
| "bug_bounty_conduct_title": "Response Time and Respect", | ||
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | ||
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | ||
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | ||
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | ||
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", |
Copilot
AI
Feb 4, 2026
The new message keys contain English text in a Korean (ko) locale file. These messages should be translated to Korean to maintain consistency with the rest of the file where other bug_bounty messages are properly localized. The following keys need translation:
- bug_bounty_conduct_title
- bug_bounty_conduct_intro
- bug_bounty_conduct_rule_1
- bug_bounty_conduct_rule_2
- bug_bounty_conduct_rule_3
- bug_bounty_conduct_rule_4
| "bug_bounty_conduct_title": "Response Time and Respect", | ||
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | ||
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | ||
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | ||
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | ||
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", |
Copilot
AI
Feb 4, 2026
The new message keys contain English text in a Japanese (ja) locale file. These messages should be translated to Japanese to maintain consistency with the rest of the file where other bug_bounty messages are properly localized. The following keys need translation:
- bug_bounty_conduct_title
- bug_bounty_conduct_intro
- bug_bounty_conduct_rule_1
- bug_bounty_conduct_rule_2
- bug_bounty_conduct_rule_3
- bug_bounty_conduct_rule_4
| "bug_bounty_conduct_title": "Response Time and Respect", | ||
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | ||
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | ||
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | ||
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | ||
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", |
Copilot
AI
Feb 4, 2026
The new message keys contain English text in an Italian (it) locale file. These messages should be translated to Italian to maintain consistency with the rest of the file where other bug_bounty messages are properly localized. The following keys need translation:
- bug_bounty_conduct_title
- bug_bounty_conduct_intro
- bug_bounty_conduct_rule_1
- bug_bounty_conduct_rule_2
- bug_bounty_conduct_rule_3
- bug_bounty_conduct_rule_4
| "bug_bounty_conduct_title": "Response Time and Respect", | |
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | |
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | |
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | |
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | |
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", | |
| "bug_bounty_conduct_title": "Tempi di risposta e rispetto", | |
| "bug_bounty_conduct_intro": "Siamo cordiali e paghiamo per i report validi, ma non possiamo lavorare con persone che non rispettano il nostro tempo. Mantieni la comunicazione calma e segui questo programma.", | |
| "bug_bounty_conduct_rule_1": "Rispondiamo ai report e alle violazioni di sicurezza entro 24–72 ore.", | |
| "bug_bounty_conduct_rule_2": "Non sommergerci di messaggi. Più di tre email in un solo giorno è considerato spam e verrà bloccato.", | |
| "bug_bounty_conduct_rule_3": "Non paghiamo i report che ignorano queste regole o che sono spam.", | |
| "bug_bounty_conduct_rule_4": "Accettiamo solo report in-scope che seguono questo programma bug bounty; tutto il resto può essere bloccato.", |
| "bug_bounty_conduct_title": "Response Time and Respect", | ||
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | ||
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | ||
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | ||
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | ||
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", |
Copilot
AI
Feb 4, 2026
The new message keys contain English text in an Indonesian (id) locale file. These messages should be translated to Indonesian to maintain consistency with the rest of the file where other bug_bounty messages are properly localized. The following keys need translation:
- bug_bounty_conduct_title
- bug_bounty_conduct_intro
- bug_bounty_conduct_rule_1
- bug_bounty_conduct_rule_2
- bug_bounty_conduct_rule_3
- bug_bounty_conduct_rule_4
| "bug_bounty_conduct_title": "Response Time and Respect", | |
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | |
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | |
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | |
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | |
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", | |
| "bug_bounty_conduct_title": "Waktu Tanggapan dan Rasa Hormat", | |
| "bug_bounty_conduct_intro": "Kami ramah dan kami benar-benar membayar untuk laporan yang valid, tetapi kami tidak dapat bekerja dengan orang yang tidak menghargai waktu kami. Harap jaga komunikasi tetap tenang dan ikuti program ini.", | |
| "bug_bounty_conduct_rule_1": "Kami merespons laporan dan pelanggaran keamanan dalam 24–72 jam.", | |
| "bug_bounty_conduct_rule_2": "Jangan spam kami. Lebih dari tiga email dalam satu hari dianggap spam dan akan diblokir.", | |
| "bug_bounty_conduct_rule_3": "Kami tidak membayar laporan yang mengabaikan aturan-aturan ini atau yang merupakan spam.", | |
| "bug_bounty_conduct_rule_4": "Hanya laporan dalam ruang lingkup yang mengikuti program bug bounty ini yang akan diterima; selain itu dapat diblokir.", |
| "bug_bounty_conduct_title": "Response Time and Respect", | ||
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | ||
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | ||
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | ||
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | ||
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", |
Copilot
AI
Feb 4, 2026
The new message keys contain English text in a French (fr) locale file. These messages should be translated to French to maintain consistency with the rest of the file where other bug_bounty messages are properly localized. The following keys need translation:
- bug_bounty_conduct_title
- bug_bounty_conduct_intro
- bug_bounty_conduct_rule_1
- bug_bounty_conduct_rule_2
- bug_bounty_conduct_rule_3
- bug_bounty_conduct_rule_4
| "bug_bounty_conduct_title": "Response Time and Respect", | ||
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | ||
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | ||
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | ||
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | ||
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", |
Copilot
AI
Feb 4, 2026
The new message keys contain English text in a Spanish (es) locale file. These messages should be translated to Spanish to maintain consistency with the rest of the file where other bug_bounty messages are properly localized. The following keys need translation:
- bug_bounty_conduct_title
- bug_bounty_conduct_intro
- bug_bounty_conduct_rule_1
- bug_bounty_conduct_rule_2
- bug_bounty_conduct_rule_3
- bug_bounty_conduct_rule_4
| "bug_bounty_conduct_title": "Response Time and Respect", | |
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | |
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | |
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | |
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | |
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", | |
| "bug_bounty_conduct_title": "Tiempo de respuesta y respeto", | |
| "bug_bounty_conduct_intro": "Somos amables y pagamos por los informes válidos, pero no podemos trabajar con personas que no respetan nuestro tiempo. Por favor mantenga la comunicación tranquila y siga este programa de bug bounty.", | |
| "bug_bounty_conduct_rule_1": "Respondemos a los informes y brechas de seguridad en un plazo de 24 a 72 horas.", | |
| "bug_bounty_conduct_rule_2": "No nos envíe spam. Más de tres correos electrónicos en un solo día se considera spam y será bloqueado.", | |
| "bug_bounty_conduct_rule_3": "No pagamos por informes que ignoren estas reglas o que sean considerados spam.", | |
| "bug_bounty_conduct_rule_4": "Solo se aceptan informes dentro del alcance que sigan este programa de bug bounty; cualquier otra cosa puede ser bloqueada.", |
| "bug_bounty_conduct_title": "Response Time and Respect", | ||
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | ||
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | ||
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | ||
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | ||
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", |
Copilot
AI
Feb 4, 2026
The new message keys contain English text in a German (de) locale file. These messages should be translated to German to maintain consistency with the rest of the file where other bug_bounty messages are properly localized. The following keys need translation:
- bug_bounty_conduct_title
- bug_bounty_conduct_intro
- bug_bounty_conduct_rule_1
- bug_bounty_conduct_rule_2
- bug_bounty_conduct_rule_3
- bug_bounty_conduct_rule_4
| "bug_bounty_conduct_title": "Response Time and Respect", | |
| "bug_bounty_conduct_intro": "We are friendly and we do pay for valid reports, but we cannot work with people who do not respect our time. Please keep communication calm and follow this program.", | |
| "bug_bounty_conduct_rule_1": "We respond to security reports and breaches within 24-72 hours.", | |
| "bug_bounty_conduct_rule_2": "Do not spam us. More than three emails in a single day is considered spam and will be blocked.", | |
| "bug_bounty_conduct_rule_3": "We do not pay for reports that ignore these rules or are spam.", | |
| "bug_bounty_conduct_rule_4": "Only in-scope reports that follow this bug bounty program are accepted; anything else may be blocked.", | |
| "bug_bounty_conduct_title": "Reaktionszeit und Respekt", | |
| "bug_bounty_conduct_intro": "Wir sind freundlich und bezahlen f\u00fcr g\u00fcltige Berichte, aber wir k\u00f6nnen nicht mit Personen zusammenarbeiten, die unsere Zeit nicht respektieren. Bitte bleiben Sie in der Kommunikation sachlich und halten Sie sich an dieses Programm.", | |
| "bug_bounty_conduct_rule_1": "Wir reagieren auf Sicherheitsberichte und Vorf\u00e4lle innerhalb von 24\u201372 Stunden.", | |
| "bug_bounty_conduct_rule_2": "Bitte senden Sie uns keinen Spam. Mehr als drei E-Mails an einem einzigen Tag gelten als Spam und werden blockiert.", | |
| "bug_bounty_conduct_rule_3": "Wir zahlen nicht f\u00fcr Berichte, die diese Regeln ignorieren oder als Spam einzustufen sind.", | |
| "bug_bounty_conduct_rule_4": "Es werden nur Berichte im definierten Geltungsbereich akzeptiert, die diesem Bug-Bounty-Programm folgen; alles andere kann blockiert werden.", |
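Review bot: The suggested German strings write umlauts and the range dash as JSON escapes (f\u00fcr, 24\u201372), while the Italian, Indonesian and Spanish suggestions above use literal characters (Più, 24–72, válidos). Both forms parse to the same text, but the suggestion should match whichever form the existing entries in messages/de.json use so the file stays consistent. Note also that the suggestion replaces the hyphen in the source's "24-72" with an en dash.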



Adds a new response time and respect section to the bug bounty page with clear anti-spam rules. Wires new copy through the i18n message files.