DO NOT REPORT SECURITY VULNERABILITIES FOR YOURAPPS HERE!
Only report issues for the website (//yourapps.cyou/) here. If you found a security vulnerability in yourapps, please contact one of the developers.
| Branch | Supported |
|---|---|
| master | ✅ |
| anything else | ❌ |
To report a vulnerability:
- Ensure the bug/behaviour is reproducable, and is on the master branch (production, usually live at //yourapps.cyou/)
- Make sure you've captured all of the steps required to reproduce it.
- Preferrably, get a screen recording or screenshots of the bug happening (censor as much as you want, so long as it isn't needed to see the bug).
- (Optional) Have a look through our source code - Try to locate the bug.
(For reference, all of our staticfiles are housed in
/htmland the main server file ismain.py - If you followed step 4, open a pull request, and if not, please open an issue. Prefix this with [security] so it will be seen sooner.
- If the security vulnerability is critical, please join our discord server (alt link) and ping developers.
Security reports will be looked into as soon as possible. We request that you don't release any security details (outside of your PR/issue) or encourage people to reproduce it.
If we have not fixed the bug after 14 days, you are free to do whatever you would like with the information. Just don't be a bad person, basically.