0GH and its implementation are still in heavy development. This means that there may be problems in our design, or mistakes in our implementation. And even though 0GH is not production-ready yet, we take security vulnerabilities very seriously. If you discover a security issue, please bring it to our attention right away!
If you find a vulnerability that may affect live deployments -- for example, expose a remote execution exploit -- please send your report privately to skwerlman@Mail.ZeroNetwork.bit, please DO NOT file a public issue. The GPG key for skwerlman@Mail.ZeroNetwork.bit is 5D9DF29E 62C5C2E2 951ADC69 86282389 9AC2E445.
If the issue is a non-critical design flaw or affects something not yet deployed, just discuss it openly.
- Write/select a Code of Conduct for the org
- Find someone to head up UI development
- Write contribution guidelines
- Finish this document
- Pick a language for the non-ui stuff (probably python)
- Sketch out UI
- Git LFS
- Maybe use IPFS for bigfile support for now, while we wait on native support