I value responsible disclosure to protect the security and privacy of all users of this project. I actively encourage respectful and non-disruptive testing and reporting of detected vulnerabilities, within the following guidelines:
- DO submit reports as soon as you are aware of an issue
- DO allow time to assess and respond to the submission
- DO respect the availability, confidentiality and privacy of our services, users and any 3rd party systems
- DO NOT attack or otherwise interfere with any account you are not the owner of
- DO NOT violate any applicable laws or regulations
- DO NOT disclose issues publicly before we've had time to assess and respond appropriately