We greatly value the security community's efforts in helping keep our project safe. If you've discovered a security vulnerability, your responsible disclosure is crucial to us. Here's how you can report it:
- Contact Method: Please send an email to [email protected].
- Email Subject: Please use a concise yet descriptive subject, such as "Security Vulnerability Discovered".
- Vulnerability Details: Provide a comprehensive description of the vulnerability. Include reproduction steps and any other information that might help us effectively understand and resolve the issue.
- Proof of Concept: If possible, please attach any proof of concept or sample code. Please ensure that your research does not involve destructive testing or violate any laws.
- Response Time: We will acknowledge receipt of your report within [e.g., 24 hours] and will keep you informed of our progress.
- Investigation and Remediation: Our team will promptly investigate and work on resolving the issue. We will maintain communication with you throughout the process.
- Disclosure Policy: Please refrain from public disclosure until we have mitigated the vulnerability. We will collaborate with you to determine an appropriate disclosure timeline based on the severity of the issue.
We appreciate your contributions to the security of our project. Contributors who help improve our security may be publicly acknowledged (with consent).
Note: Our security policy may be updated periodically.