Vulnerability Disclosure Policy¶
Please observe the standard best practices of responsible disclosure, especially considering that this is OSS. See OWASP’s disclosure cheat sheet.
Some basic rules:
- Keep it legal.
- Respect everyone’s privacy.
- Contact the core maintainer(s) immediately if you discover a serious security vulnerability (imichael@pm.me for now).