ibrierley
commented
3 years ago It's typically quite quiet these days, @DmitryBaranovskiy is the one who would normally deal with anything major, so you could try him first, but haven't heard anything for a while. I may be able to take a peek if you need some feedback, but I haven't worked on Snap for a while.
Hey there!
I belong to an open source security research community, and a member (@ready-research) has found an issue, but doesn’t know the best way to disclose it.
If not a hassle, might you kindly add a
SECURITY.mdfile with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.Thank you for your consideration, and I look forward to hearing from you!
(cc @huntr-helper)