This document outlines security procedures and general policies for the lazy-cart project.

• Security Policies and Procedures
  • Reporting a Bug
  • Disclosure Policy
  • Comments on this Policy

The lazy-cart team and community take all security bugs in lazy-cart seriously. Thank you for improving the security of lazy-cart. We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.

Report a vulnerability.

When the security team receives a security bug report, they will assign it to a primary handler. This person will coordinate the fix and release process, involving the following steps:

• Confirm the problem and determine the affected versions.
• Audit code to find any potential similar problems.
• Prepare fixes for all releases still under maintenance. These fixes will be released as quickly as possible.

If you have suggestions on how this process could be improved please submit a pull request.