fix: drop dead applied.ai@redis.com address; route security to GitHub PVR

rbs333 · claude · rbs333 · commit e0a0bc692c3b · 2026-05-06T14:41:22.000-04:00
The applied.ai@redis.com mailbox doesn't exist, so:

- SECURITY.md now directs vulnerability reports to GitHub's Private
  Vulnerability Reporting (Security tab → "Report a vulnerability"),
  which routes privately to maintainers, and points non-security
  reports to public GitHub issues.
- Removed the email from pyproject.toml authors metadata; kept the
  Redis Inc. name. Otherwise the dead address ships in PyPI metadata
  for every release.

Co-Authored-By: Claude Sonnet 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/SECURITY.md b/SECURITY.md
@@ -3,20 +3,24 @@
 ## Reporting a Vulnerability
 
 If you believe you have discovered a security vulnerability in `sql-redis`,
-please **do not open a public GitHub issue or pull request**.
+please report it **privately** through GitHub's private vulnerability
+reporting:
 
-Instead, report it privately to the Redis applied AI team at
-**applied.ai@redis.com**.
+1. Go to the [Security tab](https://github.com/redis-developer/sql-redis/security)
+   of the repository.
+2. Click **Report a vulnerability**.
+3. Fill in the form with a description of the issue, reproduction steps,
+   affected versions, and any suggested mitigations.
 
-Please include:
+This sends the report directly to maintainers without making it public, and
+gives us a place to coordinate the fix and disclosure timeline with you.
 
-- A description of the issue and the potential impact.
-- Steps to reproduce the vulnerability (proof of concept, sample SQL, etc.).
-- The version of `sql-redis` and Redis you are using.
-- Any suggested mitigations, if you have them.
+**Please do not open a public GitHub issue or pull request** for security
+reports — that would disclose the vulnerability before a fix is available.
 
-We will acknowledge receipt within five business days and work with you on a
-disclosure timeline.
+For non-security bugs and feature requests, regular
+[GitHub issues](https://github.com/redis-developer/sql-redis/issues) are the
+right place.
 
 ## Supported Versions
 
diff --git a/pyproject.toml b/pyproject.toml
@@ -3,7 +3,7 @@ name = "sql-redis"
 # NOTE: The version below is automatically incremented by the release workflow - do not manually adjust it.
 version = "0.5.0"
 description = "SQL to Redis command translation utility"
-authors = [{ name = "Redis Inc.", email = "applied.ai@redis.com" }]
+authors = [{ name = "Redis Inc." }]
 requires-python = ">=3.9,<3.14"
 readme = "README.md"
 license = "MIT"
