Currently, the latest version of ATProtoKit
supports security vulnerability reports.
Please don’t report possible security vulnerabilities in public forums, channels, or services. This includes the Issues section on GitHub, Discord, or some other service. Instead, please go to Security > Advisories and click on New Draft Security Advisory. Alternatively, you can email me at security@cjrriley.com
with the subject line ATProtoKit Security Issue: [title of vulnerability]
. Please type out what you found, how to reproduce the steps, a possible link to a sample project that can reproduce the error, and any other additional information that could help me fix the problem.
I will get back to you within three business days, along with a follow-up when I fix the vulnerabilities. Once I fixed it, you’re free to discuss it.
If you’d like for me to add you to the CONTRIBUTORS file, please give me the following details:
- Your name; whether it’s:
- First and last name (optional)
- Your username on some Git service (GitHub, GitLab, Bitbucket) (optional)
- An alias (required if you don’t want to use the above options)
- Email address (optional)
- Social media (up to three; Bluesky link encouraged!)
- Website (optional)