If you discover a vulnerability in DLL Pickle, please follow the process below. I appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

Please use the GitHub Security Advisory "Report a Vulnerability" form to report a security issue or vulnerability.

We will send a response indicating the next steps in handling your report. After the initial acknowledgement, we will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

Our goal is to have all reports acknowledged within 7 days and resolved within 30 days. If you do not receive an acknowledgement, escalation may be sent to security@day3bits.com.

Please report security bugs in third-party modules to the person or team maintaining the module. You can also report a vulnerability through the npm contact form by selecting "I'm reporting a security vulnerability".

Once we have either a) published a fix, or b) declined to address the vulnerability for whatever reason, you are free to publicly disclose it.