menu

Apollo

A community of developers, designers and others who love Apollo and GraphQL. 🚀

Channels
# All channels
view-forward
# General
view-forward
# Apollo Angular
view-forward
# Announcements
view-forward
# Apollo Android
view-forward
# Apollo Client
view-forward
# Apollo iOS
view-forward
# Apollo Link
view-forward
# Apollo Link Rest
view-forward
# Local State
view-forward
# Apollo Studio
view-forward
# Apollo Server
view-forward
# Apollo Tooling
view-forward
# Contributing
view-forward
# Docs
view-forward
# Events
view-forward
# GraphQL Tools
view-forward
# Jobs
view-forward
# Random
view-forward
# React Apollo
view-forward
# Showcase
view-forward
# Subscriptions
view-forward
# Testing
view-forward
# Vue Apollo
view-forward
Team

Security vulnerabilities

December 16, 2019 at 5:30pm

Security vulnerabilities

December 16, 2019 at 5:30pm
What is the proper process for reporting security vulnerabilities in the Apollo Server framework?
CONTRIBUTING.md doesn't mention a process for doing so and there's no info about security on the GraphQL homepage. No /hackers.txt file either.
Probably unwise to toss an issue in GitHub for the world to see - creates a gap between the point the issue is reported and it can be remediated. PRs take time.
No messages yet