Reporting issues in Weblate¶
Our issue tracker is hosted at GitHub:
Feel welcome to report any issues with, or suggest improvement of Weblate there. If what you have found is a security issue in Weblate, please consult the «Security issues» section below.
In order to give the community time to respond and upgrade you are strongly urged to report all security issues privately. HackerOne is used to handle security issues, and can be reported directly at HackerOne.
Alternatively, report to firstname.lastname@example.org, which ends up on HackerOne as well.
If you don’t want to use HackerOne, for whatever reason, you can send the report by e-mail to email@example.com. You can choose to encrypt it using this PGP key 3CB 1DF1 EF12 CF2A C0EE 5A32 9C27 B313 42B7 511D. You can also get the PGP key from Keybase.
Weblate depends on third party components for many things. In case you find a vulnerability affecting one of those components in general, please report it directly to the respective project.
Some of these are: