Please do not file public issues for security vulnerabilities.
If you believe you have discovered a security vulnerability in this project, please report it privately by emailing:
To help us triage and respond effectively, please include the following in your report when possible:
- A description of the vulnerability and its potential impact
- Steps to reproduce the issue, including any proof-of-concept code
- The affected version(s) or commit hash(es)
- Any suggested mitigations or fixes
We will acknowledge receipt of your report and work with you on a coordinated disclosure timeline. Please refrain from publicly disclosing the issue until we have had a reasonable opportunity to investigate and release a fix.
Thank you for helping keep Springtail and its users safe.