Thank you for helping keep StellarForge secure.
We welcome responsible security research and appreciate reports of potential vulnerabilities affecting any StellarForge repository or module.
If you discover a security issue, please report it privately by creating a GitHub Private Vulnerability Report (GitHub Security Advisory) for the affected repository.
Please include, where possible:
- A description of the vulnerability.
- Steps to reproduce the issue.
- The affected module or component.
- The potential impact.
- Any suggested mitigation or fix (optional).
This policy applies to all official StellarForge repositories, including but not limited to:
- stellarforge-cli
- stellarforge-sdk
- stellarforge-workflows
- stellarforge-examples
Additional repositories added under the StellarForge project will also follow this policy.
We aim to:
- Acknowledge reports as soon as reasonably possible.
- Investigate and validate reported issues.
- Work collaboratively with reporters throughout the resolution process.
- Publish fixes and security advisories when appropriate.
We appreciate everyone who helps improve the security and reliability of StellarForge.