This document outlines security procedures and general policies for any IT Minds Opensource project.

Individuals and companies from every industry place their trust in IT Minds. It is hereby essential that we deliver the industry standard. Our principle developers ensure that security is top-priority in all of our work.

Report security vulnerabilities by emailing the lead maintainer at opensource@it-minds.dk.

The lead maintainer will acknowledge your email within 48 hours, and will send a more detailed response within the following 48 hours, indicating the next steps in handling your report.

After the initial reply to your report, the security team will endeavor to keep you informed of the progress towards a fix and full announcement and ask for additional information or guidance.

Please report security bugs in third-party modules to the person or team maintaining that module. But feel free to open an issue in our repo.

In the event of a security leak created by our libraries' vulnerability, should it affect any personal data, we have a 90-day disclosure deadline, which starts after being notified of vulnerabilities.