mirror of
https://github.com/Finsys/dockhand.git
synced 2026-06-17 19:09:33 +03:00
Jarek Krochmalski
28 lines
1.3 KiB
Markdown
28 lines
1.3 KiB
Markdown
## How to Report a Security Flaw
|
|
|
|
Keeping Dockhand secure is a **top** priority. We highly value community contributions that help protect our users.
|
|
|
|
> [!IMPORTANT]
|
|
> If you discover a security vulnerability, please do not create a public GitHub issue - this can expose users to risk before a fix is available.
|
|
> If you find a security vulnerability, we ask that you keep it private and avoid opening a public issue on GitHub.
|
|
> Instead, please email us directly at [[security@dockhand.pro](mailto:security@dockhand.pro)]. This inbox has the highest priority.
|
|
|
|
## Details to Include
|
|
|
|
To help us track down and resolve the bug as efficiently as possible, please provide the following information in your email:
|
|
- A clear explanation of the flaw
|
|
- A step-by-step guide on how to reproduce the issue
|
|
- The specific Dockhand versions and host environments where the bug is present
|
|
- Any ideas you have for a patch or temporary workaround
|
|
|
|
|
|
## Our take
|
|
|
|
Once you submit a report, we promise to:
|
|
- Confirm receipt of your message within a couple of hours
|
|
- Swiftly investigate and verify the vulnerability
|
|
- Roll out a secure patch as quickly as possible
|
|
- Keep you updated throughout the entire patching process
|
|
|
|
We deeply appreciate your commitment to responsible disclosure and your help in keeping the Dockhand ecosystem safe.
|