Security
We prioritize product integrity and user security. Report vulnerabilities privately and responsibly so we can investigate and address them quickly.
I take the integrity of every product I build seriously. If you find a vulnerability, I want to know about it and I will act on it quickly.
Reporting a Vulnerability
Report security issues privately. Do not open a public issue.
Reach me at [email protected] or through omrajguru.com/contact.
Include:
- A clear description of the vulnerability
- The steps required to reproduce it
- The potential impact as you understand it
- Any relevant logs, screenshots, or proof of concept
The more specific your report, the faster I can respond.
What to Expect
I will acknowledge your report within 48 hours. I will keep you informed as I investigate and resolve the issue. I will let you know when a fix is live.
I handle every report with discretion. Your report and identity stay private.
Scope
This policy covers all repositories and products under this org, both current and future.
A Note on Responsible Disclosure
I ask that you give me reasonable time to investigate and fix the issue before sharing it publicly. I will work as fast as I can. In return, I will be transparent with you throughout the process.
If you act in good faith and follow this process, I will do the same.