This is the security/disclosure policy for Reddit Enhancement Suite, it covers all repositories that are related to the core project. We appreciate all disclosures related to the project.
As we are a community developed project, we are unable to offer rewards for disclosures.
We support the latest version of RES on all supported browsers. Please see below for a complete list.
| Browser | Supported |
|---|---|
| Google Chrome | ✅ |
| Mozilla Firefox | ✅ |
| Mozilla Firefox ESR 78 | ✅ |
| Mozilla Firefox ESR 68 | ❔* |
| Microsoft Edge | ❌ |
| Microsoft Edge Chromium | ✅ |
| Safari | ❌ |
Mozilla Firefox ESR 68: We will backport depending on the impact of the vulnerability.
In order to report a vulnerability/security concern, please send an email to: [email protected] and we will respond confirming the report. Please provide as much detail as possible for the initial triage, we will provide a public PGP key upon request.
We will aim to respond in 24 hours, if you do not get a response in this timeframe place raise a GitHub issue stating you are having problems contacting us.