If you discover a security vulnerability in OpenDecree, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, please report it via GitHub Security Advisories with:
- A description of the vulnerability
- Steps to reproduce
- The potential impact
- Any suggested fix (optional)
You should receive a response within 48 hours. We will work with you to understand and address the issue before any public disclosure.
| Version | Supported |
|---|---|
| latest | Yes |
This policy covers the OpenDecree server, CLI, and SDK packages in this repository.