Skip to content

Security: sarahbarili/cli

Security

.github/SECURITY.md

GitHub takes the security of our software products and services seriously, including the open source code repositories managed through our GitHub organizations, such as cli.

If you believe you have found a security vulnerability in GitHub CLI, you can report it to us in one of two ways:

  • Report it to this repository directly using private vulnerability reporting.

    • Include a description of your investigation of the GitHub CLI's codebase and why you believe an exploit is possible.
    • POCs and links to code are greatly encouraged.
    • Such reports are not eligible for a bounty reward.
  • Submit the report through HackerOne to be eligible for a bounty reward.

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Thanks for helping make GitHub safe for everyone.

There aren’t any published security advisories