Skip to content

Security: tjcsl/director4

SECURITY.md

Security Policy

Reporting a Vulnerability

If you become aware of security-related issues or security vulnerabilities, please email the private [email protected] list with the details necessary to reproduce the issue.

Even if you know how to fix the issue, please contact the Director 4.0 developers directly before opening a pull request, or even before pushing to your fork. This will allow the developers to pre-review your changes and make sure the build will pass so that the changes can be merged and deployed as quickly as possible once they are made public.

When should I report a vulnerability

  • You think you discovered a potential security vulnerability in the application
  • You think you discovered a potential security vulnerability in the production deployment of the application
  • You are unsure how a vulnerability affects the application
  • You think you discovered a vulnerability in another project that application depends on
    • For projects with their own vulnerability reporting and disclosure process, please report it directly there

There aren’t any published security advisories