We take the security of our projects seriously. If you discover a security vulnerability, please do not open a public issue.
Instead, report it privately by emailing security@8080.li.
Please include:
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Any potential impact
You should receive a response within 48 hours. If you don't, please follow up.
We follow a coordinated disclosure process:
- Report received and acknowledged
- Investigation and fix development
- Fix released and disclosed publicly
We aim to resolve critical issues within 14 days.
We only provide security patches for the latest stable release of each project. Always use the latest version.