If you discover a security vulnerability in this project, please let us know privately as soon as possible so we can address it before it’s publicly disclosed.
You can report issues via one of these two channels:
- GitHub: Open a private security issue
Please include as much information as you can, such as:
- A description of the vulnerability
- Steps to reproduce (ideally with proof-of-concept code)
- The impact or scope of the issue
- Acknowledgment
We aim to respond within 48 hours of receiving your report. - Investigation
We’ll validate and assess the impact, and may follow up for more details. - Fix & Release
A fix will be prepared in a private branch and merged into the next patch release. - Public Disclosure
Once a patched version is available, we’ll post a public advisory on GitHub and update this file.
- GitHub Security Issues (preferred):
https://github.com/YourOrg/YourRepo/issues/new?labels=security&template=security.md - Email: [email protected]
Thank you for helping us keep this project safe!