We take security seriously at Convrtr and appreciate your help in keeping our project safe and trustworthy. If you discover a vulnerability or have concerns about the security of the project, please follow the steps below to report it responsibly.
Reporting Security Issues
- Found a security bug? Thank you for looking out for us!
- Please don’t open a public issue. Instead, submit an issue to our security tracker.
- Alternatively, you can email us privately at [security@convrtr.xyz]
- Include as much detail as you can — what you found, how to reproduce it, and why it’s a concern.
- We’ll review it quickly and get back to you as soon as possible.
- Responsible disclosure is appreciated — we’ll credit you if you'd like (or keep it anonymous).
Thanks for helping keep Convrtr safe and secure!
What to Include in Your Report
To help us investigate and resolve the issue efficiently, please include:
- A clear description of the vulnerability.
- Steps to reproduce the issue (code snippets, URLs, or configuration details).
- Any potential impact or risk associated with the vulnerability.
- Your contact information (optional, if you'd like credit or follow-up).
Our Commitment
We aim to respond to security reports as soon as possible and will work with you to understand and resolve the issue promptly. Once resolved, we may publish a security advisory and acknowledge your contribution if desired.
Scope
This policy applies to vulnerabilities in:
- The Convrtr codebase and its dependencies.
- Our documentation and configuration files.
- Any services or infrastructure directly maintained by the Convrtr team.
If you're unsure whether something falls under this scope, feel free to reach out anyway — we’d rather hear from you than miss something important.
Thank You
Your efforts help make Convrtr safer for everyone. We’re grateful for your support and responsible disclosure.