This document describes the Security Policy for @workloads.
We take security concerns for any of our repositories seriously and appreciate your efforts to responsibly disclose your findings.
We will publicly acknowledge your contribution, if so desired.
To report a security issue or to disclose any (software) vulnerabilities, email security [at] workloads.io and include the word SECURITY in the subject line.
Disclosures and Vulnerability reports should include:
- description of the issue
- steps to recreate the issue
While not required, we appreciate suggestions on how to mitigate the issue.
We will acknowledge initial reports within 5 working days of the initial reporting date.
We strive to remediate any security concerns within 30 days of the initial reporting date.