Security Policy
September 11, 2024 ยท View on GitHub
Thank you for helping keep wayofdev/docker-php-dev and its users safe. We greatly appreciate your efforts to disclose security vulnerabilities responsibly.
๐จ Reporting a Vulnerability
We take all security bugs in wayofdev/docker-php-dev seriously. Please follow the instructions below to report security vulnerabilities.
โ How to Report a Vulnerability
-
GitHub Security Advisories: Please report security issues directly through our GitHub Security Advisories page: https://github.com/wayofdev/docker-php-dev/security/advisories/new. This ensures that sensitive information is handled confidentially.
-
Empty Security Issue: After submitting through GitHub Security Advisories, please also create an empty security issue to alert us, as GitHub Advisories do not send automatic notifications. This can be done here.
-
Direct Contact: For highly sensitive information, in addition to the GitHub Security Advisories, please email us directly at
the@wayof.devwith the subject line "SECURITY - Vulnerability Report". This will be treated with the highest priority.
Please do not discuss potential security issues in public forums or through our public GitHub issues tracker.
โ Third-Party Bug Bounty Platforms
At this moment, we DO NOT accept reports from third-party bug bounty platforms to minimize risk. All vulnerability reports should come through the specified channels above.