Commit

docs: Update security and help page
daffl committed Jan 23, 2024
1 parent a49c2c2 commit 473d028
Showing 2 changed files with 5 additions and 3 deletions.
4 changes: 1 addition & 3 deletions docs/guides/security.md
Expand Up @@ -4,7 +4,7 @@ We take security very seriously at Feathers. We welcome any peer review of our 1

## Reporting security issues

In order to give the community time to respond and upgrade, we strongly urge you report all security issues to us. Send us a PM in [Slack](http://slack.feathersjs.com) or email us at [hello@feathersjs.com](mailto:hello@feathersjs.com) with details, and we will respond ASAP. Security issues always take precedence over bug fixes and feature work; so, we'll work with you to come up with a resolution and plan and document the issue on Github in the appropriate repo.
In order to give the community time to respond and upgrade, we strongly urge you report all security issues to us. Send us a PM on [Discord](https://discord.gg/qa8kez8QBx) or email us at [hello@feathersjs.com](mailto:hello@feathersjs.com) with details, and we will respond ASAP. Security issues always take precedence over bug fixes and feature work; so, we'll work with you to come up with a resolution and plan and document the issue on Github in the appropriate repo.

Issuing releases is typically very quick. Once an issue is resolved it is usually released immediately with the appropriate semantic version.
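
Review bot: The added line says "Send us a PM on [Discord]" but the link is a server invite (`https://discord.gg/qa8kez8QBx`) and no recipient account is named, so a reporter who follows it arrives in a shared server with no indication of whom to message privately. Since this paragraph exists to keep reports private until a fix ships, name the maintainer account(s) to message, or put the email address first as the primary channel. While this sentence is being touched, "urge you report" should read "urge you to report" and "Github" should be "GitHub".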

Expand Down Expand Up @@ -32,5 +32,3 @@ Here are some things that you should be aware of when writing your app to make s
As with any web application **you** need to guard against XSS attacks. Since Feathers persists the JWT in localstorage in the browser, if your app falls victim to a XSS attack your JWT could be used by an attacker to make malicious requests on your behalf. This is far from ideal. Therefore you need to take extra care in preventing XSS attacks. Our stance on this particular attack vector is that if you are susceptible to XSS attacks, then a compromised JWT is the least of your worries because keystrokes could be logged and attackers can just steal passwords, credit card numbers, or anything else your users type directly.

For more information see [this issue](https://github.com/feathersjs/authentication/issues/132)


4 changes: 4 additions & 0 deletions docs/help/index.md
Expand Up @@ -28,6 +28,10 @@ If none of those work it's a very real possibility that we screwed something up

[Ask on StackOverflow using the `feathersjs` tag >](http://stackoverflow.com)

## Consulting and app development

[Feathers Cloud](https://feathers.cloud/) specialize in app development and consulting to get your app on the right track. [Contact us](https://feathers.cloud/consulting.html) to see how we can help.

## Support Feathers, get help

By [becoming a sponsor](https://github.com/sponsors/daffl/) you support Feathers continued development and get access to a Feathers newsletter and tiers with 30 or 60 minute monthly office hour sessions to walk you through any issues you may be facing using FeathersJS. This may include architecture discussions, debug sessions, patterns, or more.
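
Review bot: In the added paragraph under `## Consulting and app development`, "Feathers Cloud ... specialize" has a subject-verb mismatch, and the text then switches to "Contact us" and "we", which leaves it unclear whether Feathers Cloud is speaking in the docs' own voice or is a separate party. Suggest "specializes" with "Contact them", or rewrite the sentence in first person throughout ("We at Feathers Cloud specialize ...").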
