Parent epic: #155
Repo-settings checklist — kept as its own story so it is not forgotten (per E19 #155 guidance).
Tasks
- Enable Private Vulnerability Reporting on the
solid-syslog repo (Settings → Code security).
- Configure Security Advisory workflow permissions.
- Document the required settings in the triage runbook (S19.05) so they are reproducible after any org/account move.
Note
This gates SECURITY.md's primary intake channel — the "Report a vulnerability" button only appears once Private Vulnerability Reporting is on. Re-verify after the account migration to the Cozens org, since org transfer can reset security settings.
Acceptance
Private vulnerability reporting live; a test private report can be filed.
Parent epic: #155
Repo-settings checklist — kept as its own story so it is not forgotten (per E19 #155 guidance).
Tasks
solid-syslogrepo (Settings → Code security).Note
This gates
SECURITY.md's primary intake channel — the "Report a vulnerability" button only appears once Private Vulnerability Reporting is on. Re-verify after the account migration to the Cozens org, since org transfer can reset security settings.Acceptance
Private vulnerability reporting live; a test private report can be filed.