This policy covers security issues in the Docker container and associated scripts in this repository. It does not cover vulnerabilities in the Proton Bridge application itself — those should be reported directly to Proton.
To report a security vulnerability in this project, please open a GitHub issue with the label security. For sensitive disclosures, you may also reach out via GitHub's private vulnerability reporting feature under the Security tab of this repository.
Please include:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested mitigations if known