You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you discover a security vulnerability in Codebook, please report it responsibly by emailing the maintainers or by opening a [GitHub security advisory](https://github.com/blopker/codebook/security/advisories/new).
6
+
7
+
**Please do not open a public issue for security vulnerabilities.**
8
+
9
+
## Scope
10
+
11
+
Codebook is a spell checker that runs locally. It does not send file contents to remote servers. The main areas where security concerns may apply:
12
+
13
+
-**Dictionary downloads**: Codebook downloads dictionary files from remote URLs on first use and caches them locally. These URLs are hardcoded in the source.
14
+
-**Tree-sitter parsers**: Codebook uses tree-sitter grammars to parse source code. These are compiled into the binary.
15
+
-**Configuration files**: Codebook reads `codebook.toml` files from the project directory and global config directory.
16
+
17
+
## Supported Versions
18
+
19
+
Security fixes are applied to the latest release only.
0 commit comments