Skip to main content
Project page

Security

Security policy and reporting guidance for Tessera.

Security Policy

Reporting A Vulnerability

Do not open a public GitHub issue for a security vulnerability.

Instead:

  1. use GitHub private vulnerability reporting if it is enabled for the repository
  2. otherwise contact the maintainer privately through GitHub

Include:

  • affected version or commit
  • reproduction steps
  • impact
  • any known workaround

Alpha Status

Tessera is in public alpha. Security fixes will be addressed, but the repository does not yet publish a long-term support policy or stable-version support matrix.