The Gas ecosystem is pre-1.0. Only the latest released minor version of each module receives security fixes.
Do not file a public GitHub issue for security vulnerabilities.
Please use GitHub's private vulnerability reporting on this repository to report the issue, or email contact@ahmedkamal.io with:
- A description of the vulnerability and its impact.
- Steps to reproduce, or a proof-of-concept.
- The affected version(s) and module(s).
- Any suggested mitigations, if known.
You can expect:
- An initial acknowledgement within 7 days.
- A coordinated disclosure timeline once the issue is triaged.
- Credit in the release notes if you wish (or anonymity if you prefer).