Thank you for helping keep LinX and its users safe.
Security fixes are provided on a best-effort basis for:
- the latest code on the default branch
- the latest tagged release
Older branches, forks, and heavily modified downstream deployments may not receive coordinated fixes.
If you believe you have found a security issue, please do not open a public GitHub issue.
Use one of these channels instead:
- Preferred: GitHub Private Vulnerability Reporting / Security Advisory, if enabled for this repository
- Fallback: contact the maintainer through a private security or business contact published with the project
Please include:
- a short description of the issue
- affected component or file path
- reproduction steps or proof of concept
- impact assessment if known
- any suggested mitigation or fix
We aim to:
- acknowledge reports within
5business days - validate and triage the issue
- coordinate a fix and release when appropriate
- credit reporters when they want to be acknowledged
Please avoid:
- public disclosure before a fix is available
- accessing or modifying data that does not belong to you
- disrupting production or third-party systems
We appreciate thoughtful, good-faith disclosure.