36 lines
981 B
Plaintext
36 lines
981 B
Plaintext
---
|
|
title: Compliance and Reporting
|
|
description: How Context7 handles security reporting, transparency, and compliance certifications
|
|
---
|
|
|
|
How Context7 handles security reporting, transparency, and compliance.
|
|
|
|
## Reporting Security Issues
|
|
|
|
If you discover a security vulnerability:
|
|
|
|
1. **Do not** publicly disclose the issue
|
|
2. Report via [GitHub Security](https://github.com/upstash/context7/security)
|
|
3. Include detailed steps to reproduce the issue
|
|
4. Allow reasonable time for us to address the issue
|
|
|
|
We take all security reports seriously and will respond promptly.
|
|
|
|
## Open Source
|
|
|
|
The Context7 MCP server is open source:
|
|
|
|
- Code is publicly available on GitHub
|
|
- Community can audit and contribute
|
|
- Transparent implementation and practices
|
|
|
|
Repository: [github.com/upstash/context7](https://github.com/upstash/context7)
|
|
|
|
## Compliance Certifications
|
|
|
|
Context7 benefits from Upstash's compliance certifications:
|
|
|
|
- SOC 2 Type II
|
|
- GDPR compliant
|
|
- ISO 27001 (in progress)
|