From 7654590a0aaf60a453acf50481114daac1fb2fa4 Mon Sep 17 00:00:00 2001
From: Doug Wade <douglas.b.wade@gmail.com>
Date: Thu, 6 Dec 2018 21:05:23 -0800
Subject: [PATCH 1/2] [#1128]: Add security vulnerability disclosure
 instructions to the Readme

---
 Readme.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Readme.md b/Readme.md
index c352d009e..3d1f420dd 100644
--- a/Readme.md
+++ b/Readme.md
@@ -198,6 +198,12 @@ the general Koa guide.
 $ npm test
 ```
 
+## Reporting vulnerabilities
+
+To report a security vulnerability, please do not open an issue, as this notifies attackers
+of the vulnerability.  Instead, please email [jonathanong](mailto:me@jongleberry.com) to
+disclose.
+
 ## Authors
 
 See [AUTHORS](AUTHORS).

From ae14b65700254e02287aa6c98d11a9ed1d9f5543 Mon Sep 17 00:00:00 2001
From: Doug Wade <douglas.b.wade@gmail.com>
Date: Sat, 8 Dec 2018 13:38:56 -0800
Subject: [PATCH 2/2] [#1128]: Add deadhorse to disclosure list

---
 Readme.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Readme.md b/Readme.md
index 3d1f420dd..f9fa7b102 100644
--- a/Readme.md
+++ b/Readme.md
@@ -201,7 +201,7 @@ $ npm test
 ## Reporting vulnerabilities
 
 To report a security vulnerability, please do not open an issue, as this notifies attackers
-of the vulnerability.  Instead, please email [jonathanong](mailto:me@jongleberry.com) to
+of the vulnerability. Instead, please email [dead_horse](mailto:heyiyu.deadhorse@gmail.com) and [jonathanong](mailto:me@jongleberry.com) to
 disclose.
 
 ## Authors