We value the work of security researchers who help keep our users safe. To responsibly and confidentially disclose vulnerabilities in any of our code, email a report to [email protected] or use the form at hash.ai/contact.
Please do not open a public thread, Issue or Discussion on this or any other of our public GitHub repositories containing any security-related reports as this may put users at risk.
We maintain a bug bounty program that rewards security researchers who responsibly disclose vulnerabilities contained within certain HASH-authored code. More information can be found at hash.ai/security
Security updates are only published for the latest minor version of each of our packages. We have no expectation of beginning to publish security patches for older versions of our packages in the near future.
If you are an enterprise customer with specific security requirements you can contact us via the HASH website or email [email protected]
You can read more about our approach to security, privacy, confidentiality, data integrity and availability on our website at hash.ai/security