DO NOT report security vulnerabilities through public GitHub issues.
Instead, please report them through one of these channels:
- GitHub Security Advisories: Report a vulnerability (Preferred)
Please include the following information:
- Type of issue (e.g., buffer overflow, SQL injection, cross-site scripting, etc.)
- Full paths of source file(s) related to the manifestation of the issue
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue, including how an attacker might exploit it
- Initial Response: For now this is a pet project. I'll try to respond quickly
- Resolution Timeline: see Initial Response
- If this gets big enough to impact society I'll rewrite this