Opsdash is built and maintained as a hobby project. I put real effort into security hardening, validation, and review, but this is still best-effort maintenance. If you spot something suspicious, please report it. Helpful reports make the app safer for everyone.

We currently support the 0.8.x line (Nextcloud 30-33).

• Sensitive/security-critical issue: please use the private security contact below.
• Non-sensitive security concern or hardening suggestion: opening a normal issue is welcome.
• Alternate private contact: opsdash-security@gellert-innovation.dev (PGP optional).

Please include:

• clear reproduction steps
• expected vs actual behavior
• Nextcloud version
• Opsdash version
• relevant logs/screenshots (with secrets removed)

1. Acknowledgement target: within 3 business days.
2. Triage update target: usually within 7 days.
3. Fix and release notes: tracked in CHANGELOG.md and the release notes workflow.

Please avoid public disclosure of exploitable vulnerabilities until a fix is available.