Please note that this repository is part of an educational workshop on secure software pipelines. It contains intentional vulnerabilities for learning and demonstration purposes.

We encourage you to explore and exploit these known issues as part of the workshop exercises. Please do not report these intentional vulnerabilities as security issues.

While this repository contains planned vulnerabilities, it's possible that we've overlooked something. If you believe you have discovered an unintentional security vulnerability, we would appreciate your help in disclosing it to us privately.

Please report any suspected unintentional vulnerabilities by emailing us at [[email protected]].

We are committed to addressing security issues responsibly and will make every effort to respond to your report as quickly as possible. We kindly ask that you do not disclose the issue publicly until we have had a chance to review and address it.

This project is an educational workshop and does not have formal releases or versions. Please use the code from the main branch, which is the most up-to-date version for the workshop.