Sail-operator takes security seriously and encourages users to report security concerns.

If you run a security scan on sail-operator software that automatically generates a list of potential vulnerabilities and would like to report this security scan report to the sail-operator team, we ask that you first verify that your scan is correctly validating the latest release and that the list of results is valid, contains no duplicates, and the reported vulnerabilities truly affect project. Security report investigation often takes priority over scheduled work and can be time consuming for the Sail maintainers to research and validate. So, please verify that your submitted report accurately reflects the Sail software being scanned, and that the reported security issue(s) actually affect Sail or one of its dependencies.

Security bulletins location is work in progress. We will update the location once we have more information.

Please send mail to (email to be defined) to report a security issue found in sail-operator. We will update you via e-mail when the issue has been evaluated.

Please do NOT reveal any potential security issues in a GitHub issue or through other public channels.