{"meta":{"title":"How-tos for reporting and fixing vulnerabilities","intro":"Learn how to establish security policies and enable private channels for reporting vulnerabilities in your repository.","product":"Security and code quality","breadcrumbs":[{"href":"/en/code-security","title":"Security and code quality"},{"href":"/en/code-security/how-tos","title":"How-tos"},{"href":"/en/code-security/how-tos/report-and-fix-vulnerabilities","title":"Report and fix vulnerabilities"},{"href":"/en/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting","title":"Configure vulnerability reporting"}],"documentType":"subcategory"},"body":"# How-tos for reporting and fixing vulnerabilities\n\nLearn how to establish security policies and enable private channels for reporting vulnerabilities in your repository.\n\n## Links\n\n* [Adding a security policy to your repository](/en/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/adding-a-security-policy-to-your-repository)\n\n  You can give instructions for how to report a security vulnerability in your project by adding a security policy to your repository.\n\n* [Configuring private vulnerability reporting for a repository](/en/code-security/how-tos/report-and-fix-vulnerabilities/configure-vulnerability-reporting/configuring-private-vulnerability-reporting-for-a-repository)\n\n  Owners and administrators of public repositories can allow security researchers to report vulnerabilities securely in the repository by enabling private vulnerability reporting."}