We take the security of Daemon seriously and appreciate responsible disclosures.
The repository is pre-1.0 and under active development. Please report issues against the main branch.
- Do not file public GitHub issues for suspected vulnerabilities.
- Email
security@daemon.sowith:- Description of the issue and potential impact
- Steps to reproduce or proof-of-concept
- Any logs, stack traces, or screenshots that help illustrate the problem
- If you need to share sensitive credentials or databases, coordinate over email first and use an encrypted channel (PGP/1Password secure share).
We aim to acknowledge reports within 3 business days and provide regular updates until the issue is resolved.
- Please give us a reasonable window to investigate and patch before any public disclosure.
- Once a fix is ready, we will coordinate with you on the timing of public disclosure and release notes.
Thank you for helping keep the community safe.