If you discover a security vulnerability in this project, we appreciate your responsible disclosure. To report a vulnerability, please follow these steps:
-
Do Not Disclose Publicly
Do not open a public issue regarding the vulnerability. We ask that you keep the information confidential until we can address the issue and notify our users. -
Send a Report
You can report any vulnerabilities via email to the following contact:Security Team Contact: [email protected]
-
Include the Following Information
- Detailed description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any possible mitigations you can suggest
-
Response Time
We will respond to your report within 48 hours. After the initial assessment, we will provide you with a detailed plan to address the issue, including the timeline for a fix. -
Acknowledgement
Once the vulnerability is resolved, we will give you credit for the responsible disclosure in our release notes, unless you prefer to remain anonymous.
We continuously monitor and update dependencies for security patches. Please ensure you are using the latest version of our software to stay protected.