Skip to content

Security: abetwothree/tolki

SECURITY.md

Security Policy

Supported Versions

Version Supported
latest

Reporting a Vulnerability

If you discover a security vulnerability in any Tolki package, please report it responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Instead, please send an email to [[email protected]] with the following information:

  • A description of the vulnerability
  • Steps to reproduce the issue
  • The affected package(s) and version(s)
  • Any potential impact

You should receive a response within 48 hours acknowledging receipt. We will work with you to understand the issue and coordinate a fix and disclosure timeline.

Disclosure Policy

  • We will confirm receipt of your report within 48 hours.
  • We will provide an estimated timeline for a fix within 7 days.
  • We will notify you when the vulnerability has been fixed.
  • We will credit you in the release notes (unless you prefer to remain anonymous).

There aren't any published security advisories