The ucan team welcomes security reports and is committed to providing prompt attention to security issues. Security issues should be reported privately via [email protected]. Security issues should not be reported via the public GitHub Issue tracker.

The project team is committed to transparency in the security issue disclosure process. The ucan team announces security advisories through our Github respository's security portal and and the RustSec advisory database.