If you discover a security vulnerability within Sparrow, please send an email to [email protected]. All security vulnerabilities will be promptly addressed.

Please do not report security vulnerabilities through public GitHub issues.

1. The security team will acknowledge receipt of your vulnerability report
2. We will confirm the vulnerability and determine its impact
3. We will develop and test a fix
4. We will prepare a security advisory and release timeline
5. We will release the fix and publish the security advisory

Thank you for helping keep Sparrow secure!