docs: Add vulnerability reporting details.

chriseppstein · chriseppstein · commit 51bb09fd6c1f · 2018-04-17T09:53:08.000-07:00
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -56,10 +56,11 @@ package scripts to manage the project, E.g. `yarn run test` or
 Responsible Disclosure of Security Vulnerabilities
 ==================================================
 
-Please do not file reports on Github for security issues.
-Please review the guidelines on at (link to more info).
-Reports should be encrypted using PGP (link to PGP key) and sent to
-security@linkedin.com preferably with the title "Github linkedin/css-blocks - <short summary>".
+**Do not file an issue on Github for security issues.**  Please review
+the [guidelines for disclosure][disclosure_guidelines].  Reports should
+be encrypted using PGP ([public key][pubkey]) and sent to
+[security@linkedin.com][disclosure_email] preferably with the title
+"Vulnerability in Github LinkedIn/css-blocks - &lt;short summary&gt;".
 
 Tips for Getting Your Pull Request Accepted
 ===========================================
@@ -69,3 +70,7 @@ Tips for Getting Your Pull Request Accepted
 3. Open an issue first and seek advice for your change before submitting
    a pull request. Large features which have never been discussed are
    unlikely to be accepted. **You have been warned.**
+
+disclosure_guidelines: https://www.linkedin.com/help/linkedin/answer/62924
+pubkey: https://gist.github.com/chriseppstein/3f45d3a8e6fb42f24cb7b3f77f21381e
+disclosure_email: mailto:security@linkedin.com?subject=Vulnerability%20in%20Github%20LinkedIn/css-blocks%20-%20%3Csummary%3E
