ObserveOps is under active development. Security fixes are applied to the latest main branch first.
Please do not report security vulnerabilities in public issues.
Report privately by email:
When reporting, include:
- A clear description of the issue
- Steps to reproduce
- Potential impact
- Any proof-of-concept details (if available)
- Initial acknowledgement target: within 72 hours
- Triage and severity assessment after acknowledgement
- Fix timeline depends on severity and complexity
- Coordinated disclosure is preferred
If you make a good-faith effort to follow this policy, avoid privacy violations, and do not cause service disruption, we will treat your research as authorized.
This project is provided under the MIT License and is offered as-is. Use this software at your own risk.