If you find a security vulnerability in any Commit Check project, please report it privately.
Do not open a public GitHub issue. Instead, send an email to:
Please include:
- Which project and version is affected
- A description of the issue and its impact
- Steps to reproduce (or a proof of concept)
You will receive an acknowledgment within 48 hours, followed by a plan for resolution.
Only the latest release of each project receives security patches. Please keep your dependencies up to date.