| Version | Supported |
|---|---|
| latest | ✅ |

If you discover a security vulnerability in PD-Hunter, please report it responsibly:

- Do NOT open a public GitHub issue
- Email the maintainers or use GitHub's private vulnerability reporting
- Include:
  - Description of the vulnerability
  - Steps to reproduce
  - Potential impact
  - Suggested fix (if any)

We will acknowledge your report within 48 hours and aim to release a fix within 7 days for critical issues.

This policy covers:
- The PD-Hunter CLI tool (`cmd/hunter`)
- The frontend dashboard (`frontend/`)
- The enrichment pipeline (`enrich_bounties.py`)
- GitHub Actions workflows

- Never commit API keys or tokens to the repository
- Use environment variables for sensitive configuration
- Keep dependencies up to date