• Please report a vulnerability with sufficient information to reproduce the problem as quickly as possible, such as reproduction steps and deno --version output.
• Please do not take advantage of the vulnerability or problem you have discovered.
• Please do not publish or reveal the problem until it has been resolved.
• Please do not use attacks on physical security or applications of third parties.

• We strive to resolve all problems as quickly as possible, and are more than happy to play an active role in publication of writeups after the problem is resolved.
• If you act in accordance with this policy, we will not take legal action against you in regard to your report.
• We will handle your report with strict confidentiality, and not pass on your personal details to third parties without your permission.

See the Security Policy for the Deno CLI here.