Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in Template Toolkit, please report it responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Instead, please use one of the following methods:

GitHub Private Vulnerability Reporting: Report a vulnerability via GitHub's built-in private reporting feature.
Email: Contact the maintainers directly at the email addresses listed in the distribution metadata on MetaCPAN.

Please include:

A description of the vulnerability
Steps to reproduce the issue
The version of Template Toolkit affected
Any potential impact assessment

Response

We will acknowledge receipt of your report and aim to provide an initial assessment promptly. Security fixes will be prioritized and released as soon as practical.

Scope

This policy covers the Template Toolkit distribution (Template-Toolkit) as published on CPAN and maintained in this repository.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Security Policy

Reporting a Vulnerability

Response

Scope

Keyboard Shortcuts