Skip to content

Security: PacktDev/amundsen

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you think you have found a security vulnerability, please send a report to [email protected]. Please do not post security vulnerabilities on Slack.

We don't currently have a PGP key, unfortunately.

An Amundsen committer will send you a response indicating the next steps in handling your report. After the initial reply to your report, the committer will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

Important: Please don't disclose the vulnerability before it have been fixed and announced, to protect our users.

Security announcements

Please subscribe to the announcements mailing list, where we post notifications and remediation details for security vulnerabilities.

There aren’t any published security advisories