Found a security issue in TrailBase? Read on.

At TrailBase we take all security bugs very seriously. Thank you for helping to improving our security, we'll make every effort to acknowledge your contributions.

Vulnerabilities should be reported to security@trailbase.io, a private maintainer-only email address. Please do not open a public issue, as GitHub does not provide facility for private issues. Deleting the issue will prevent any follow-up communication with the reporter.

When reporting an issue, where possible, please provide the following:

• Commit version where the issue was introduced.
• A proof of concept (plaintext; or ideally send a patch to same email address)
• Steps to reproduce
• Your recommended fixes, if any.

When a vulnerability is reported, we will:

• Confirm the problem and determine the affected versions.
• Audit the code to find any potential similar problems.
• Work on the fix.
• Prepare a new release.
• Manage communications.

If you have suggestions on how this process could be improved, let us know.