@@ -4,7 +4,7 @@ We take security very seriously at the Open Technology Fund. We welcome any peer
...
@@ -4,7 +4,7 @@ We take security very seriously at the Open Technology Fund. We welcome any peer
### Where should I report security issues?
### Where should I report security issues?
In order to give the community time to respond and upgrade we strongly urge you report all security issues privately. Please use our [vulnerability disclosure program at Hacker One](https://hackerone.com/otf) to provide details and repro steps and we will respond ASAP. If you prefer not to use Hacker One, email us directly at `team@opentech.fund` with details and repro steps. Security issues *always* take precedence over bug fixes and feature work. We can and do mark releases as "urgent" if they contain serious security fixes.
In order to give the community time to respond and upgrade we strongly urge you report all security issues privately. Please use our [vulnerability disclosure program](https://hackerone.com/open_technology_fund) or particpate in our [bug bounty program](https://hackerone.com/otf) at [HackerOne](https://hackerone.com) to provide details and repro steps and we will respond ASAP. If you prefer not to use Hacker One, email us directly at `team@opentech.fund` with details and repro steps. Security issues *always* take precedence over bug fixes and feature work. We can and do mark releases as "urgent" if they contain serious security fixes.
For a list of recent security commits, check [our GitHub commits prefixed with SECURITY](https://github.com/opentechfund/opentech.fund/search?utf8=%E2%9C%93&q=SECURITY&type=Commits).
For a list of recent security commits, check [our GitHub commits prefixed with SECURITY](https://github.com/opentechfund/opentech.fund/search?utf8=%E2%9C%93&q=SECURITY&type=Commits).
