Legal

Security Policy

Last updated: July 2026

Reporting a vulnerability

If you find a security vulnerability in Bootgly, email [email protected] immediately. Please do not open a public issue or disclose the problem to third parties before we have investigated and shipped a fix.

What to expect

We aim to acknowledge your report within 48 hours and to keep you updated while we investigate and remediate. Verified vulnerabilities are fixed as fast as possible.

Coordinated disclosure

Once a vulnerability is fully addressed, we publish an appropriate disclosure and credit the reporter for the responsible report.

Scope

This policy covers the Bootgly framework repositories on GitHub — source code, issues and related documentation — plus the bootgly.com and docs.bootgly.com websites.

Bug bounty

There is no bug bounty program at this time. We deeply appreciate responsible reports and may consider a program in the future.