Skip to content

[feat]: Add warning not to share secrets in GitHub issues #134

Description

@melisecolak

Problem

During Public Preview, new users and first-time contributors may report setup problems by pasting logs, configuration snippets, screenshots, or environment details into public GitHub issues.

This creates a risk that someone may accidentally share passwords, access tokens, private URLs, customer data, or confidential logs.

We need a visible warning that helps users report useful information without exposing sensitive data.

Proposed Solution

Add a short security and sensitive data notice to README.md, CONTRIBUTING.md, or the issue templates.

Suggested wording:

## Security and Sensitive Data

Please do not post passwords, access tokens, private logs, customer data, or confidential information in GitHub issues.

If you believe you found a security problem, use the private security reporting path if available, or contact the maintainers directly.

Suggested area:

  • README.md, near the feedback, support, or security section
  • CONTRIBUTING.md
  • Bug report / issue templates if available

Expected outcome:

Users should clearly understand what not to share in public GitHub issues.

Acceptance criteria:

  • A short warning about sensitive data is added or improved.
  • The warning mentions passwords, access tokens, private logs, customer data, or confidential information.
  • The warning asks users to avoid posting secrets in public GitHub issues.
  • The warning points users to a private security reporting path if available.
  • The wording is clear and beginner-friendly.

Alternatives Considered

Leave this warning only in the security policy, but many first-time contributors may not read the security policy before opening a public issue.

Additional Context

This is a documentation-focused good first issue. It is suitable for first-time contributors and does not require local Rust setup.

Checks

  • I have searched existing issues and this feature has not been requested yet.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions