Currently, this repository has no clear guidance on how to report security vulnerabilities. It would be good to provide such guidance so that potential reporters know where/how to proceed. (Yes, there is a note in `CONTRIBUTING.md`, but given `bdk` is *not* pre-production anymore, just opening issues is not an option for more severe issues)
Currently, this repository has no clear guidance on how to report security vulnerabilities.
It would be good to provide such guidance so that potential reporters know where/how to proceed.
(Yes, there is a note in
CONTRIBUTING.md, but givenbdkis not pre-production anymore, just opening issues is not an option for more severe issues)