Skip to content

Security: tjcsl/ion

SECURITY.md

Security Policy

Reporting a Vulnerability

If you become aware of security-related issues or security vulnerabilities, please email the private [email protected] list with the details necessary to reproduce the issue.

Even if you know how to fix the issue, please contact the Intranet developers directly before opening a pull request, or even before pushing to your fork. This will allow the developers to pre-review your changes and make sure the build will pass so that the changes can be merged and deployed as quickly as possible once they are made public.

When should I report a vulnerability

  • You think you discovered a potential security vulnerability in Ion
  • You are unsure how a vulnerability affects Ion
  • You think you discovered a vulnerability in another project that Ion depends on
    • For projects with their own vulnerability reporting and disclosure process, please report it directly there

There aren’t any published security advisories