DevPayr is a payment-agnostic licensing and enforcement platform.
While the core platform is private, this repository contains community contributions, examples, and documentation.
Security and privacy are extremely important to us.
This document explains how to report security issues responsibly.
You may report security vulnerabilities related to:
- Example integrations (
examples/) - SDK helper utilities (
sdk/) - Public documentation errors that could mislead users into insecure implementations
- Repository configuration or workflows that may expose risks
Note:
Reports about the private DevPayr platform are also welcomed, but please do not disclose them publicly.
Please do not submit the following as security issues:
- General feature requests
- Billing or account issues
- License key problems unrelated to security
- Attempts to reverse-engineer or extract private DevPayr code
- Vulnerabilities caused by user-side misconfiguration
- Social engineering speculation
To report a security vulnerability:
Send your report to:
security@devpayr.com
(If unavailable, use support@devpayr.com)
Please include:
- A clear description of the issue
- Steps to reproduce
- Impact assessment
- Any supporting screenshots or proof of concept
Security reports must remain confidential until resolved.
After you submit your report:
- A maintainer will acknowledge receipt within 72 hours
- The issue will be validated and investigated
- We will communicate:
- Whether it is accepted
- Any required follow-up details
- A fix or update will be prepared
- You may be credited publicly
Response times may vary depending on severity.
Please follow responsible disclosure practices:
- Do not publish the vulnerability before a fix is ready
- Do not attack production systems or user accounts
- Do not access data belonging to others
- Avoid using automated scanners against DevPayr without permission
We deeply appreciate researchers who follow these guidelines.
We value the time and expertise of developers and researchers who help us keep DevPayr secure and reliable.
Thank you for protecting the community.
β XulTech LTD (Maintainers of DevPayr)