From 03715f84694f3c36ab47edc856d256333d03b6eb Mon Sep 17 00:00:00 2001
From: Alex Syrnikov <alex.syrnikov19@gmail.com>
Date: Tue, 27 Jun 2023 03:43:33 +0300
Subject: [PATCH] [GITEA] add /.well-known/security.txt endpoint

resolves #38
adds RFC 9116 machine parsable
File Format to Aid in Security Vulnerability Disclosure

(cherry picked from commit 8ab1f8375c695867524f30a23bc36d805936a76d)
(cherry picked from commit 8f04f0e28867bf49ebf1dff6989f06fe6dd07fd7)
(cherry picked from commit 5ced68a7a002e720ec0841c8ee79818dc37e225e)
(cherry picked from commit 437c5dd7494052ee86b3a5d66a40852fb1e45583)

Conflicts:
     52fb9367734100847249d074e2bc17f2aa91053e Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
---
 public/.well-known/security.txt | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/public/.well-known/security.txt b/public/.well-known/security.txt
index 2cae3cbea4..03872b0982 100644
--- a/public/.well-known/security.txt
+++ b/public/.well-known/security.txt
@@ -1,6 +1,5 @@
-# This site is running a Gitea instance.
-# Gitea related security problems could be reported to Gitea community.
-# Site related security problems should be reported to this site's admin.
-Contact: https://github.com/go-gitea/gitea/blob/main/SECURITY.md
-Policy: https://github.com/go-gitea/gitea/blob/main/SECURITY.md
+Contact: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/CONTRIBUTING.md
+Contact: mailto:security@forgejo.org
+Expires: 2025-06-25T00:00:00Z
+Policy: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/CONTRIBUTING.md
 Preferred-Languages: en