Please do not report security issues in public issues.
Use GitHub private vulnerability reporting on the affected repository when it is available. If that is not available, contact a BarqDB maintainer privately.
Security reports may include:
- Data corruption or data loss bugs
- Token handling bugs
- Sync authorization bypasses
- Memory safety issues
- Build or release supply-chain issues
- A clear description
- Steps to reproduce
- A small proof of concept if possible
- Affected package, commit, or version
We will review reports as soon as we can and coordinate fixes before public disclosure.