Skip to content
This repository has been archived by the owner on Sep 7, 2023. It is now read-only.

Latest commit

 

History

History
18 lines (11 loc) · 1.14 KB

SECURITY.md

File metadata and controls

18 lines (11 loc) · 1.14 KB

Security Policy

This document outlines our security policy and guidelines on disclosing vulnerabilities. We use github Security Advisory to manage the process, so please ensure you've 2FA enabled on your github account before disclosing any vulnerability.

  1. Create a security advisory on github
  2. Include a demonstration or a POC along with detailed bug report.
  3. A member from our security team will look into it with in 48 hours. If you haven't received any acknowledgement please send an email to [email protected] and escalate it.

⚠️ DO NOT CREATE A GITHUB ISSUE to report a security vulnerability.

We really appreciate your interest in helping us keep things secure and serving the ecosystem better.

3rd party Security Audits

We haven't undergone any 3rd party security audits. However, we do expect to conduct a thorough audit in the future.

Bug Bounty Program

Due to financial constraints, we do not currently have a paid bug bounty program. We expect this to change in the future, although do not guarantee it, in which case retrospective grants will be considered on a case by case basis.