The :project project takes security seriously. We make every possible effort to ensure users can adequately secure their automation infrastructure.

If you find a vulnerability in this project, please report it in the security issue tracker under the SECURITY project. Please do not report security issues in the github tracker.

This project is configured in such a way that only the reporter and the security team can see the details. By restricting access to this potentially sensitive information, we can work on a fix and deliver it before the method of attack becomes well-known.

If you are unable to report using the above issue tracker, you can also send your report to the private Continuous Engineering Project security team mailing list: security@continuousengineeringproject.org

Whilst the Continuous Engineering Project team is not responsible for the quality of third party apps, please still use the above reporting mechanism and we will co-ordinate with the app developer to ensure a fix in a secure maner.