Security: northwood-labs/csp-parser

SECURITY.md

Security Policy

Reporting a Vulnerability

If you believe you have found a legitimate security vulnerability, please report it.

There is no bounty program, and there are no payments for discovering or reporting security vulnerabilities, but we all benefit from software that is more secure. I am happy to provide public thanks once the issue has been resolved.

What I need is:

  • An explanation of the bug.
  • A minimum viable reproduction case which triggers the issue.
  • What you expected to happen.
  • What actually happened.
  • [OPTIONAL] A suggested patch attached as a .diff file, if you have one.

I don't check my email every day, and I get LOTS of email. It may take me up to a week to discover your message. I will respond as soon as I see your message and confirm that I can reproduce the issue.

Thank you for participating in the responsible disclosure of security vulnerabilities.

There aren’t any published security advisories