libresign/SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a vulnerability in our system, please use the following process:

1. Where to Report: Submit your report via the GitHub private reporting feature.
2. Updates: Expect an initial response within 48 hours.
3. Review Process: We'll personally review your report and may contact you for further information.
4. Outcome: You will be informed whether the vulnerability has been accepted or declined. If accepted, We'll work on implementing a fix.

Your contributions to the security of this project are greatly appreciated.