18 lines
740 B
Markdown
18 lines
740 B
Markdown
# Security policy
|
|
|
|
Even though this project is focused on security, it is still prone to possible vulnerabilities. We consider every security bug as a serious issue and will try our best to address it.
|
|
|
|
## Responsible disclosure
|
|
|
|
If you have found a security bug, please send us an email at security \[@\] bunkerity.com (using a ProtonMail if possible) with technical details so we can resolve it as soon as possible.
|
|
|
|
Here is a non-exhaustive list of issues we consider as high risk :
|
|
- Vulnerability in the code
|
|
- Bypass of a security feature
|
|
- Vulnerability in a third-party dependency
|
|
- Risk in the supply chain
|
|
|
|
## Bounty
|
|
|
|
To encourage responsible disclosure, we may reward you with a bounty at the sole discretion of the maintainers.
|