Inspired by GitLab Contributing Guide
Security vulnerability disclosure
Please report suspected security vulnerabilities in private to firstname.lastname@example.org, also see the disclosure section on the Trezor.io website. Please do NOT create publicly viewable issues for suspected security vulnerabilities.
|P1 Urgent||The current release + potentially immediate hotfix (30 days)|
|P2 High||The next release (60 days)|
|P3 Medium||Within the next 3 releases (90 days)|
|P4 Low||Anything outside the next 3 releases (120 days)|
|S1 Blocker||Outage, broken feature with no workaround|
|S2 Critical||Broken feature, workaround too complex & unacceptable|
|S3 Major||Broken feature, workaround acceptable|
|S4 Low||Functionality inconvenience or cosmetic issue|
The complete test suite is running on our internal GitLab CI. If you are an external contributor, we also have a Travis instance where a small subset of tests is running as well - mostly style and easy fast checks, which are quite common to fail for new contributors.