Thank you for your interest in keeping Chordnet secure!
If you discover a security issue, please do not open a public issue. Instead, email me directly at [[email protected]] with details.
- Provide as much information as possible to help reproduce and address the issue (e.g., steps to reproduce, environment, affected versions, and any relevant logs or screenshots).
- I aim to acknowledge security reports within 7 days. Resolution or a fix may take longer depending on complexity and my availability, but I will keep you updated.
- If you are able to help fix the issue, that is welcome! We can coordinate through the emailed report.
- Please give me a reasonable amount of time to address the issue before any public disclosure.
This policy applies to the Chordnet repository and its published releases. Issues with third-party dependencies should be reported upstream.
Please avoid publicly disclosing vulnerabilities without prior coordination. I appreciate your patience and cooperation while I work to resolve any security concerns.
- Denial of Service (DoS) via resource exhaustion (unless it’s trivial to prevent)
- Social engineering attacks
- Issues in dependencies not maintained by this project
- Vulnerabilities in projects that use chordnet (where the fix is unique to the project, in the project's source code, and/or not a vulnerability specific to chordnet)
Email: [[email protected]]
GitHub: https://github.com/jacklowrie
Thank you for helping keep Chordnet safe for everyone!