Create a `security.txt` that is shipped with Nextcloud

[solracsf]

How to use GitHub

• Please use the 👍 reaction to show that you are interested into the same feature.
• Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
• Subscribe to receive notifications on status change and new comments.

Is your feature request related to a problem? Please describe.

Shipping a security.txt with every Nextcloud installation could be a great addition.
So every researcher/pentester could report directly to official Nextcloud security channels (hackerone, etc).

Describe the solution you'd like

See https://securitytxt.org/

[joshtrichards]

See #27628 :-)

https://github.com/nextcloud/server/blob/master/apps/settings/lib/WellKnown/SecurityTxtHandler.php

Or do you mean an actual text file in the distribution package?

[solracsf]

No, that's it :-D