14 lines
533 B
Markdown
14 lines
533 B
Markdown
# Security Policy
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
`apache/brpc` follows the [Apache Software Foundation security process](https://www.apache.org/security/). Please report suspected
|
|
vulnerabilities privately to `security@apache.org`; do not open public
|
|
GitHub issues or pull requests for security reports.
|
|
|
|
## Threat Model
|
|
|
|
What the project treats as in scope and out of scope, the security
|
|
properties it provides and disclaims, the adversary model, and how
|
|
findings are triaged are documented in [THREAT_MODEL.md](./THREAT_MODEL.md).
|