This document outlines the security policy for Orchestrion-KS (aka orchestrion-js) and what to do if you discover a security vulnerability in the project. Most notably, please do not share the details in a public forum (such as in a discussion, issue, or pull request) but instead reach out to us with the details. This gives us an opportunity to release a fix for others to benefit from by the time details are made public.

If you discover a vulnerability in Orchestrion-JS (or any Datadog product for that matter) please follow the contact instructions listed under the "Report an Issue" section here: https://www.datadoghq.com/security/?tab=contact