Security is an essential part of delivering software to users. We welcome any and all review! We treat security issuse with confidentiality until responsibly disclosed. We will happily give credit where credit is due.
Any sensitive details can be sent via PGP-encrypted email or end-to-end encrypted Matrix messages. At your discretion, consider opening a confidential issue in the relevant GitLab project so we can better track the issue.
- For PGP, any and all of the keys used for signing the software is appropriate: https://f-droid.org/en/docs/Release_Channels_and_Signing_Keys
- For Matrix, send a direct message to any of the room admins.
- On our forum, send a direct message to any of the F-Droid contributors