Thank you for helping keep wayofdev/docker-php-dev and its users safe. We greatly appreciate your efforts to disclose security vulnerabilities responsibly.

We take all security bugs in wayofdev/docker-php-dev seriously. Please follow the instructions below to report security vulnerabilities.

1. Security Advisories: Please report security issues directly through our Security Advisories page: https://.com/wayofdev/docker-php-dev/security/advisories/new. This ensures that sensitive information is handled ly.

2. Empty Security Issue: After submitting through Security Advisories, please also create an empty security issue to alert us, as Advisories do not send automatic notifications. This can be done here.

3. Direct Contact: For highly sensitive information, in addition to the Security Advisories, please email us directly at [email protected] with the subject line "SECURITY - Vulnerability Report". This will be treated with the highest priority.

Please do not discuss potential security issues in public forums or through our public issues tracker.

At this moment, we DO NOT accept reports from third-party bug bounty platforms to minimize risk. All vulnerability reports should come through the specified channels above.