Security Policy
Last updated: July 2026
Reporting a vulnerability
If you find a security vulnerability in Bootgly, email [email protected] immediately. Please do not open a public issue or disclose the problem to third parties before we have investigated and shipped a fix.
What to expect
We aim to acknowledge your report within 48 hours and to keep you updated while we investigate and remediate. Verified vulnerabilities are fixed as fast as possible.
Coordinated disclosure
Once a vulnerability is fully addressed, we publish an appropriate disclosure and credit the reporter for the responsible report.
Scope
This policy covers the Bootgly framework repositories on GitHub — source code, issues and related documentation — plus the bootgly.com and docs.bootgly.com websites.
Bug bounty
There is no bug bounty program at this time. We deeply appreciate responsible reports and may consider a program in the future.