Security

SECURITY.md

Security Policy

Reporting a vulnerability

Do not open public issues for security-sensitive reports.

Please report privately via email: security@adoceditor.com (maintainers should replace this address).

Include:

Affected area
Reproduction details
Impact assessment
Suggested mitigation (if known)

Handling policy

Acknowledge receipt within 7 days.
Validate report and assess severity.
Coordinate remediation and disclosure timeline with reporter.

Privacy reminders

Never include secrets, private credentials, or unredacted personal data in public issue reports.

There aren't any published security advisories