Security and Responsible Disclosure Policy Policy
Preamble CodeFryDev welcomes the responsible disclosure of security vulnerabilities affecting its Digital Properties and open source repositories, in accordance with practices analogous to those published by GitHub, Google, and the Open Source Security Foundation (OpenSSF) . Researchers are expressly prohibited from exploiting vulnerabilities beyond the minimum scope necessary to demonstrate reproducibility. Researchers must not access, modify, or exfiltrate data belonging to other users. Scope of Engagement In Scope codefrydev.in and associated subpaths; official CodeFryDev mobile applications; published open source repositories under the CodeFryDev organisation; and application programming interfaces and authentication mechanisms operated by CodeFryDev. Out of Scope third-party services not under CodeFryDev’s operational control; social engineering directed against individuals; denial-of-service attacks against production infrastructure; physical security vulnerabilities. Reporting Procedure Correspondence should be directed to codefrydev@gmail.com with the subject line “Security Vulnerability Report”, incorporating: ...