Security fixes are applied to the latest release on the main branch.
Please do not open a public GitHub issue for security vulnerabilities.
Instead, email ian@capandbanner.com with:
- A description of the issue
- Steps to reproduce
- Impact assessment, if known
You can expect an initial response within a few business days.
This project is a static Next.js app with no authentication or user accounts. Reports about third-party data accuracy (AZA institution records, geocoding results) are welcome as regular issues rather than security reports.