From 44f5a896d02ac760ad3b0f719d456a213e121b20 Mon Sep 17 00:00:00 2001
From: GJS <163113183+homelab-alpha@users.noreply.github.com>
Date: Thu, 6 Feb 2025 13:33:27 +0100
Subject: [PATCH 1/2] Enhance security issue template (#5593)

---
 .github/ISSUE_TEMPLATE/config.yml         |  2 +
 .github/ISSUE_TEMPLATE/security.md        | 17 ---------
 .github/ISSUE_TEMPLATE/security_issue.yml | 45 +++++++++++++++++++++++
 3 files changed, 47 insertions(+), 17 deletions(-)
 create mode 100644 .github/ISSUE_TEMPLATE/config.yml
 delete mode 100644 .github/ISSUE_TEMPLATE/security.md
 create mode 100644 .github/ISSUE_TEMPLATE/security_issue.yml

diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 000000000..bd9dfe4ef
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,2 @@
+---
+blank_issues_enabled: false
diff --git a/.github/ISSUE_TEMPLATE/security.md b/.github/ISSUE_TEMPLATE/security.md
deleted file mode 100644
index 708670e85..000000000
--- a/.github/ISSUE_TEMPLATE/security.md
+++ /dev/null
@@ -1,17 +0,0 @@
----
-
-name: "Security Issue"
-about: "Just for alerting @louislam, do not provide any details here"
-title: "Security Issue"
-ref: "main"
-labels:
-
-- security
-
----
-
-DO NOT PROVIDE ANY DETAILS HERE. Please privately report to https://github.com/louislam/uptime-kuma/security/advisories/new.
-
-Why need this issue? It is because GitHub Advisory do not send a notification to @louislam, it is a workaround to do so.
-
-Your GitHub Advisory URL:
diff --git a/.github/ISSUE_TEMPLATE/security_issue.yml b/.github/ISSUE_TEMPLATE/security_issue.yml
new file mode 100644
index 000000000..08a91ade0
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/security_issue.yml
@@ -0,0 +1,45 @@
+---
+name: "🛡️ Security Issue"
+description: |
+  Notify Louis Lam about a security concern. Please do NOT include any sensitive details in this issue.
+# title: "Security Issue"
+labels: [security]
+assignees: [louislam]
+body:
+  - type: "markdown"
+    attributes:
+      value: |
+        ## **⚠️ Report a Security Vulnerability**
+
+        ### **IMPORTANT: DO NOT SHARE VULNERABILITY DETAILS HERE**
+
+        If you have discovered a security vulnerability, please report it securely using the GitHub Security Advisory.
+
+        **Note**: This issue is only for notifying the maintainers of the repository, as the GitHub Security Advisory does not automatically send notifications.
+
+        - **Confidentiality**: The information you provide in the GitHub Security Advisory will initially remain confidential. However, once the vulnerability is addressed, the advisory will be publicly disclosed on GitHub.
+        - **Access and Visibility**: Until the advisory is published, it will only be visible to the maintainers of the repository and invited collaborators.
+        - **Credit**: You will be automatically credited as a contributor for identifying and reporting the vulnerability. Your contribution will be reflected in the MITRE Credit System.
+        - **Important Reminder**: **Do not include any sensitive or detailed vulnerability information in this issue.** This issue is only for sharing the advisory URL to notify the maintainers of the repository, not for discussing the vulnerability itself.
+
+        **Thank you for helping us keep Uptime Kuma secure!**
+
+        ## **Step 1: Submit a GitHub Security Advisory**
+
+        Right-click the link below and select `Open link in new tab` to access the page. This will keep the security issue open, allowing you to easily return and paste the Advisory URL here later.
+
+        ➡️ [Create a New Security Advisory](https://github.com/louislam/uptime-kuma/security/advisories/new)
+
+        ## **Step 2: Share the Advisory URL**
+
+        Once you've created your advisory, please share the URL below. This will notify @louislam and enable them to take the appropriate action.
+
+  - type: "textarea"
+    id: github-advisory-url
+    validations:
+      required: true
+    attributes:
+      label: "GitHub Advisory URL"
+      placeholder: |
+        Paste the GitHub Advisory URL here.
+        Example: https://github.com/louislam/uptime-kuma/security/advisories/GHSA-8h5r-7t6l-q3kz

From 7482d5824d231e026abc7f32b9312b547fd464b0 Mon Sep 17 00:00:00 2001
From: GJS <163113183+homelab-alpha@users.noreply.github.com>
Date: Thu, 6 Feb 2025 19:38:50 +0100
Subject: [PATCH 2/2] Fix: Updated security issue template (#5604)

---
 .github/ISSUE_TEMPLATE/security_issue.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/security_issue.yml b/.github/ISSUE_TEMPLATE/security_issue.yml
index 08a91ade0..0104f9c3c 100644
--- a/.github/ISSUE_TEMPLATE/security_issue.yml
+++ b/.github/ISSUE_TEMPLATE/security_issue.yml
@@ -32,14 +32,14 @@ body:
 
         ## **Step 2: Share the Advisory URL**
 
-        Once you've created your advisory, please share the URL below. This will notify @louislam and enable them to take the appropriate action.
+        Once you've created your advisory, please share the URL below. This will notify Louis Lam and enable them to take the appropriate action.
 
   - type: "textarea"
     id: github-advisory-url
     validations:
       required: true
     attributes:
-      label: "GitHub Advisory URL"
+      label: "GitHub Advisory URL for @louislam"
       placeholder: |
-        Paste the GitHub Advisory URL here.
+        Please paste the GitHub Advisory URL here. Only the URL is required.
         Example: https://github.com/louislam/uptime-kuma/security/advisories/GHSA-8h5r-7t6l-q3kz