Reporting a Vulnerability
If you discover a security vulnerability, please do not open public issues on GitHub. Instead, report it to us privately by emailing [email protected] with the following details:
- Description: A clear and concise description of the vulnerability.
- Steps to Reproduce: Detailed steps to reproduce the vulnerability.
- Potential Impact: Information on the potential impact and severity.
- Environment Details: Any relevant information about the environment where the issue was discovered (e.g., operating system, software versions). We will acknowledge receipt of your report within 7 days.
After an initial assessment, we will inform you about the next steps, including:
- Whether we will work on a fix.
- If we are open to accepting a pull request (PR) from you.
- An estimated timeline for addressing the issue.
With your permission, we are happy to acknowledge your contribution in our release notes or a dedicated security section.
Thank you for helping us improve the security of our project!