Being a privacy-oriented project, security is, obviously, quite important to us.
Thank you for taking the time to report security issues! We know you could be doing literally anything else right now, but you chose to help us improve this project instead, and that is priceless. Seriously, thank you.
Okay, now, to the formal part of this policy :weary:.
If you found any kind of security issue in this project, please disclose the information responsibly by sending an email to firstname.lastname@example.org and not by creating an issue on this repository.
We recommend to use GPG for these kind of communications, the fingerprint for our key is
9694 9B96 8BB7 92BF 0B1F 0BF8 CDCC 8001 874B 6E9C.
You can run this command to download our key:
gpg --keyserver keyserver.ubuntu.com --recv 96949B968BB792BF0B1F0BF8CDCC8001874B6E9C