Security
We appreciate responsible disclosure of security issues affecting Darksaber at www.darksaber.win.
Report a vulnerability
Email [email protected] with enough detail to reproduce the issue (affected URLs, steps, and impact). Please do not publicly disclose vulnerabilities before we have had a reasonable chance to fix them.
Scope
Reports should relate to the Darksaber web application and its infrastructure. Issues in third-party services (Google OAuth, Stripe, SWGOH Comlink, and similar) should be reported to those vendors when the flaw is in their systems.
Supported versions
Security fixes are applied to the production deployment. After a fix is deployed, we will acknowledge valid reports as appropriate.