status-go/vendor/github.com/libp2p/go-libp2p/SECURITY.md

21 lines
939 B
Markdown
Raw Normal View History

2023-05-19 20:23:55 +00:00
# Security Policy
go-libp2p is still in development. This means that there may be problems in our protocols,
or there may be mistakes in our implementations.
We take security vulnerabilities very seriously. If you discover a security issue,
please bring it to our attention right away!
## Reporting a Vulnerability
If you find a vulnerability that may affect live deployments -- for example, by exposing
a remote execution exploit -- please [**report privately**](https://github.com/libp2p/go-libp2p/security/advisories/new).
Please **DO NOT file a public issue**.
If the issue is an implementation weakness that cannot be immediately exploited or
something not yet deployed, just discuss it openly.
If you need assistance, please reach out to [security@libp2p.io](mailto:security@libp2p.io).
## Reporting a non security bug
For non-security bugs, please simply file a GitHub [issue](https://github.com/libp2p/go-libp2p/issues/new).