If you've discovered a security vulnerability in Barley, we appreciate your help in disclosing it to us in a responsible manner.
Please follow these steps to report a vulnerability:
-
E-mail us: Send an e-mail to the maintainers of the project. You can find the contact information in the
README.mdfile. -
Do not create a public issue: We ask that you do not create a public issue on GitHub until we've had a chance to address the vulnerability. This helps us to prevent potential exploitation of the vulnerability until a fix is available.
-
Wait for our response: We will acknowledge your email as soon as possible and send you further instructions on the next steps in handling your report.
-
Follow up: If you don't receive a response within a reasonable time, please follow up via email to ensure we received your original message.
We appreciate your understanding and cooperation in helping us keep Barley safe for everyone.
We will provide updates on security vulnerabilities through GitHub releases and on our website. We recommend that you subscribe to these channels to stay informed about the latest security updates.
When we receive a security vulnerability report, we will:
- Confirm the issue and determine its severity.
- Audit code to find any potential similar problems.
- Prepare fixes for the vulnerability.
- Release a fix as soon as possible.
We will also provide a detailed explanation of the vulnerability and the fix in a security advisory.
We appreciate your help in keeping Barley secure. Your efforts in reporting security vulnerabilities help make Barley a safer project for everyone.