If you find a security vulnerability in one of our projects, we ask that you follow these steps to report it responsibly and safely:
- Do not make the vulnerability public: Do not open an issue or publicly disclose the vulnerability.
- Contact us privately: Send us an email to dev@pigeonposse.com with the following details:
- A description of the vulnerability.
- Detailed steps to reproduce it.
- The version of the affected software or repository.
- Acknowledgement: If you wish, we can give you public credit for your report once the vulnerability is fixed and the patch is released.
We take security seriously and perform regular security updates on our projects. To stay on top of security updates, make sure you have notifications enabled for the relevant repositories in our organization.
with