Open SCH227 opened 11 months ago
You can find my email on my website or in the git logs of this repo.
Your email on your personal website is the Security Channel of pycolmap project? I recommend adding a SECURITY.md file in your repo so reporters have clear instructions on how to handle disclosures.
We've never faced this before so, no, we don't have a proper process - but we'll consider adding so, thank you. In the meantime our inbox is open: https://github.com/colmap/pycolmap/blob/03f610f17924cf44a50a02222fe402095cb20571/pyproject.toml#L12-L14 (update to email addresses in a pending PR)
Emailed. Thank you for your awesome project!
Hello!
I may have found a security issue in latest version of pycolmap. Following responsible disclosure, is there an email or other private channel where I could share the details? Thank you