Skip to content

Latest commit

 

History

History
15 lines (8 loc) · 856 Bytes

SECURITY.md

File metadata and controls

15 lines (8 loc) · 856 Bytes

Security Policy

Reporting a Vulnerability

Responsible disclosure enhances security for the entire community.

Contact

Preferred communication channel for initiating contact is e-mail. E-mail isn't encrypted, and if sensitive data needs to be transmitted, we can then switch to an encrypted communication channel, such as Signal.

Email address: [email protected]

Procedure

If the issue is deemed a vulnerability, we will release a patch version of our software and make sure that finds its way to Maven Central before we push the patch to GitHub. After the patch is available on Maven Central, we will also provide a security advisory through GitHub. As with every release, the source jars are published to Maven Central at the same time as the binaries.