If you discover a security vulnerability in ReadingBat, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, email pambrose@mac.com with:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
You should receive an acknowledgment within 72 hours. We will work with you to understand and address the issue before any public disclosure.
This policy applies to the readingbat-core repository and the ReadingBat platform it powers.
Security updates are applied to the latest release only.