Please report security vulnerabilities privately — do not open a public issue.
Use GitHub's private vulnerability reporting for this repository: Report a vulnerability (the "Report a vulnerability" button under the repository's Security tab).
We aim to acknowledge new reports within a few business days and will keep you updated as we investigate and prepare a fix. Please give us a reasonable window to remediate before any public disclosure.
This channel is strictly for security-related issues. For non-security bugs or general problems, please open a regular GitHub issue instead.
We sincerely appreciate your responsible disclosure and your contribution to keeping proto and its users secure.