If you have found a security vulnerability, do NOT create a regular issue!!! Instead, encrypt the issue with gpg
or openssl
.
To report an issue with GPG, follow these steps:
- Write the issue in a markdown file (e.g.
issue.md
) - Import the public key:
gpg --keyserver keyserver.ubuntu.com --recv 51AB060B
- Encrypt the
issue.md
file:gpg --recipient 51AB060B --armor --encrypt issue.md
- Copy the contents of the
issue.md.asc
file and create a new issue with that.
To report an issue with OpenSSL, follow these steps:
- Write the issue in a markdown file (e.g.
issue.md
) - Install
cipherhub
:[sudo] npm install -g cipherhub
- Encrypt the
issue.md
file:cipherhub nprail < issue.md
- Copy output and create a new issue with that.