At riok, we take the security of Mapperly very seriously. If you discover a potential security vulnerability, we encourage you to report it responsibly using the guidelines below.
Please refrain from reporting security vulnerabilities through public GitHub issues.
To report a security incident, please contact us via email at [email protected] and include the following information:
- Target: Specify the affected component(s), such as:
- Mapperly source generator
- Mapperly-generated code
- Mapperly documentation web page
- Other (please describe)
- Description: Provide a comprehensive explanation of the issue, including:
- Steps to reproduce the vulnerability
- Assumptions made during the discovery
- Potential impact or risks
- URL/Location (optional): Include the relevant URL or location if applicable.
- Contact Details (optional): Provide your preferred contact information if you wish to be contacted through a specific channel.
- GPG Encryption: At this time, GPG encryption is not supported for security reports. However, you may sign your message for authenticity if desired.
- Acknowledgment: If you wish to be acknowledged for your report, please let us know explicitly in your submission. By default, we will keep your identity private to protect your privacy.
- Preferred Communication Language We kindly request that all communications be conducted in English to ensure a swift and effective response.