At AttoLeap, we take security vulnerabilities seriously. If you discover a security issue in this repository, please report it to us promptly.
Please do not report security vulnerabilities through public GitHub issues. Instead, please email us at [email protected]. We will review and respond to security reports in our best effort, and work with you to assess and address any issues.
This security policy applies to all the repositories under the AttoLeap organization.
Once a security vulnerability is reported to us, we follow these steps:
- Evaluation: We will review the reported vulnerability and its impact on our systems and users.
- Response: We will work with the reporter to understand and validate the vulnerability.
- Fix: Our team will develop and test a fix for the vulnerability.
- Disclosure: Once a fix is ready, we will coordinate with the reporter on an appropriate disclosure date.
- Release: We will release the fix and communicate about the vulnerability to affected users.
We take several measures to maintain the security of our repositories, including:
- Regular code reviews by our development team.
- Automated testing to detect common security vulnerabilities.
- Following industry best practices for secure coding and deployment.
We encourage responsible disclosure of security vulnerabilities. If you discover a vulnerability, we appreciate your cooperation in disclosing it to us privately. We will acknowledge your contribution publicly if you wish, once the vulnerability is resolved.
Thank you for helping us keep our repositories safe and secure.