We take security seriously. If you discover any security vulnerabilities within this project, please report the issue via the GitHub Security Advisory or by sending a direct email to the maintainer.
- GitHub Security Advisory: Please use the Security tab to report security vulnerabilities.
- Direct Email: For sensitive issues or if you prefer direct communication, please email
[email protected].
We follow a responsible disclosure policy. We will not pursue or will be lenient with legal action against security researchers who act in good faith to find and report vulnerabilities. We ask that you do the same:
- Do not disclose the vulnerability publicly until we have had a reasonable time to fix it.
- Do not exploit the vulnerability in any way that could harm users or the integrity of the project.
- Provide sufficient information to reproduce the vulnerability, allowing us to address it effectively.
We are committed to addressing security vulnerabilities in the latest stable version of the browser extension. Older versions may not be actively maintained or patched.
- We aim to acknowledge all valid security reports within 2 business days.
- We will provide an estimated timeline for a fix and subsequent release.
- Once a fix is deployed, we will work with you to coordinate a public disclosure if desired.
Thank you for helping to keep this project secure!