991 B
991 B
Security
Reporting Security Issues
Warning
Do not report security vulnerabilities through public GitHub issues!
Instead, please open a private vulnerability report in this repository, on the "Security and quality" tab.
Report Details
We prefer all communications to be in English.
Reports should include the following:
- reproducible example showing how the vulnerability can be exploited
- statement about the impact (including affected versions)
And we'd appreciate if they also include:
- statement about whether you are interested in implementing the fix yourself
Disclosure Policy
This project is staffed exclusively by volunteers. Please be patient and allow us time to respond before disclosing vulnerabilities.
We prefer to coordinate disclosure privately, and are committed to giving credit for confirmed vulnerabilities.