Skip to content

Security: 99linesofcode/.github

Security

.github/SECURITY.md

Security

We takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations.

If you believe you have found a security vulnerability in any of our repositories, please report it to us as described below.

Reporting Security Issues

Please do not report security vulnerabilities through public GitHub issues.

Instead, please report them by sending an e-mail to 99linesofcode@gmail.com.

If possible, encrypt your message with the public PGP key below:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEZaaseBYJKwYBBAHaRw8BAQdA8FOTsItilicBKW5RSjBt4tGPpLO5zNOO+nOz
4ARtQAi0JkpvcmR5IFNjaHJldWRlcnMgPGpvcmR5QHNjaHJldWRlcnMuaXQ+iJkE
ExYKAEEWIQRYcF6lkd79PcsgbNNXfaCPMszZ4gUCZaaseAIbAwUJAeEzgAULCQgH
AgIiAgYVCgkICwIEFgIDAQIeBwIXgAAKCRBXfaCPMszZ4hoJAQDVvyLTWiIcEWi7
Fn1MmqpeAcUka35hYoCRWq4/QzmsZgEAtKOdkJWaoT1/hQUwpRRT4xrnzx8IjRSp
0rVCfwsv9Q+0Pjk5bGluZXNvZmNvZGUgPDMwNzEwNjIrOTlsaW5lc29mY29kZUB1
c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+iJkEExYKAEEWIQRYcF6lkd79PcsgbNNX
faCPMszZ4gUCZabKagIbAwUJAeEzgAULCQgHAgIiAgYVCgkICwIEFgIDAQIeBwIX
gAAKCRBXfaCPMszZ4qhMAP9FW1P6WrzG+rM3Yu2I72AYNU4DwPt7V7F3EJ5VGS8K
4gD+K1cRz0UeM0AjXadyWj4rFh7iEyiy5Em0ytjtaLHjsgi4OARlpqx4EgorBgEE
AZdVAQUBAQdA56AJtDGbpEy2nMgaN810Acemy08JsrWJmctxkYqwlgkDAQgHiH4E
GBYKACYWIQRYcF6lkd79PcsgbNNXfaCPMszZ4gUCZaaseAIbDAUJAeEzgAAKCRBX
faCPMszZ4qj/AQC4ER7N3D0GY0MVkOSmFQtXMtrZl6wy4hWWsvc5o8H13AEAzBq9
MTBWUiVpwAteADh7XXvwI/eGndszL5kY07DBOwE=
=Js9y
-----END PGP PUBLIC KEY BLOCK-----

You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message.

Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:

  • Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
  • Full paths of source file(s) related to the manifestation of the issue
  • The location of the affected source code (tag/branch/commit or direct URL)
  • Any special configuration required to reproduce the issue
  • Step-by-step instructions to reproduce the issue
  • Proof-of-concept or exploit code (if possible)
  • Impact of the issue, including how an attacker might exploit the issue

This information will help us triage your report more quickly.

Preferred Languages

We prefer all communication to be in English.

Policy

We follow the principles of Coordinated Vulnerability Disclosure.

There aren’t any published security advisories