Security policy

All our packages are provided as-is without any guarantees or SLAs.

Policy

Reago follows the GitHub CVD process and will use GHSA to manage discussions of vulnerabilities and fixes.

We commit to create public CVE advisories through Github if applicable.

Reporting a vulnerability

Please do not report security vulnerabilities through public GitHub issues.

If you believe you have found a security vulnerability, we encourage you to responsibly disclose this through a secure channel.

We will investigate all legitimate reports and do our best to quickly fix the problem.

In order for the vulnerability reports to reach maintainers as soon as possible, the preferred way is to use the "Report a vulnerability" button under the "Security" tab of the GitHub project. This creates a private communication channel between the reporter and the maintainers.

If you are absolutely unable to or have strong reasons not to use GitHub's vulnerability reporting workflow, please reach out to the author directly at https://github.com/sebastian-nowak.

Preferred language

We prefer all communications to be in English.

Security policy ​

Policy ​

Reporting a vulnerability ​

Preferred language ​

Security policy

Policy

Reporting a vulnerability

Preferred language