If you become aware of security-related issues or security vulnerabilities, please email the private [email protected] list with the details necessary to reproduce the issue.
Even if you know how to fix the issue, please contact the Director 4.0 developers directly before opening a pull request, or even before pushing to your fork. This will allow the developers to pre-review your changes and make sure the build will pass so that the changes can be merged and deployed as quickly as possible once they are made public.
- You think you discovered a potential security vulnerability in the application
- You think you discovered a potential security vulnerability in the production deployment of the application
- You are unsure how a vulnerability affects the application
- You think you discovered a vulnerability in another project that application depends on
- For projects with their own vulnerability reporting and disclosure process, please report it directly there