DO NOT open a public GitHub issue for security vulnerabilities.

1. Email: Send details to [your-email]@[domain]

   • Subject: "SECURITY: [brief description]"
   • Include: pgGit version, PostgreSQL version, description, reproduction steps

2. Response Time:

   • Initial acknowledgment: 48 hours
   • Status update: 7 days
   • Fix timeline: Based on severity

3. Disclosure:

   • We follow responsible disclosure (90 days)
   • You will be credited (unless you prefer anonymity)

See Security Guide for:

• Access control configuration
• Audit trail setup
• Production hardening

⚠️ v0.1.x is experimental:

• No security audit performed
• Not recommended for production
• Use at your own risk