This repository primarily contains documentation and community submissions. Security updates are applied to repository automation, workflows, and contribution processes as needed.
If you discover a security issue related to this repository (for example: workflow abuse, secrets exposure, or malicious contribution vectors), do not open a public issue.
Please report responsibly using one of these options:
- Open a private GitHub security advisory for this repository, if enabled.
- Contact the OSSAfrica maintainers privately through organization owners listed in MAINTAINERS.md.
Include the following details in your report:
- A clear description of the issue
- Steps to reproduce
- Potential impact
- Any proof-of-concept material (if safe to share)
- Initial acknowledgment: within 72 hours
- Triage update: within 7 days
- Resolution timeline: based on severity and complexity
Please avoid public disclosure until maintainers confirm a fix or mitigation.
We appreciate responsible disclosure and will credit reporters when appropriate.