You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The omnipkg team takes security seriously and appreciates the security community's efforts to responsibly disclose vulnerabilities. If you have discovered a security vulnerability, please report it to us as soon as possible.
4
+
Please do not open a public issue. Instead, send an email to 1minds3t@proton.me (or another designated security email address). We will acknowledge your email within 48 hours and will work with you to address the vulnerability.
5
+
Responsible Disclosure Policy
6
+
We will follow a standard responsible disclosure process. Our commitment to you:
7
+
* We will acknowledge receipt of your vulnerability report in a timely manner.
8
+
* We will provide you with a timeframe for addressing the vulnerability.
9
+
* We will credit you for your discovery after the vulnerability has been patched and publicly released, unless you prefer to remain anonymous.
10
+
* We ask that you do not disclose the vulnerability publicly until we have released a fix. We will work with you to agree on a coordinated public disclosure date.
11
+
Guidelines for Reporters
12
+
We ask you to adhere to these guidelines when researching and reporting vulnerabilities:
13
+
* Provide a clear, detailed description of the vulnerability, including steps to reproduce it.
14
+
* Do not disclose the vulnerability or any details about it to third parties or on public forums until we have resolved it and agreed on a public disclosure date.
15
+
* Do not exploit the vulnerability to access, modify, or destroy user data or system integrity.
16
+
* Do not engage in activities that could compromise the confidentiality, integrity, or availability of our systems.
17
+
Scope
18
+
This security policy applies to the official omnipkg open-source repository and its published packages.
0 commit comments