odoo / owl

OWL: A web framework for structured, dynamic and maintainable applications
https://odoo.github.io/owl/

Request for Security Policy and Reporting Vulnerabilities #1644

Open tulik opened 1 day ago

tulik commented 1 day ago

Hi team,

I’m looking for information on the security policy for this project and the correct process for reporting any possible security issues or vulnerabilities. Where should we report potentially sensitive security vulnerabilities?

Thank you!

ged-odoo commented 9 hours ago

You can either contact me directly (ged at odoo dot com), or contact the Odoo security team (https://www.odoo.com/security-report). Note that many security tools report vulnerabilities in our package.json dependency list. However, those vulnerabilities do not apply as we actually only use these for development, and the only JavaScript that is packaged is the actual owl source code.