# Security policy for falsify.dev — Studio 11 Turkey Ltd. Şti.
# https://www.rfc-editor.org/rfc/rfc9116

Contact: mailto:hello@studio-11.co
Contact: https://github.com/studio-11-co/falsify/security/advisories/new
Expires: 2027-05-08T23:59:00.000Z
Preferred-Languages: en, tr
Canonical: https://falsify.dev/.well-known/security.txt
Policy: https://falsify.dev/security
Acknowledgments: https://falsify.dev/security#acknowledgments

# Subject prefix for email reports: [security]
# Targets in scope:
#   - falsify.dev / spec.falsify.dev / registry.falsify.dev
#   - github.com/studio-11-co/falsify
#   - github.com/studio-11-co/falsify-inspect
#   - github.com/studio-11-co/falsify-integrity-index
#   - github.com/studio-11-co/falsify-cookbook
#   - github.com/studio-11-co/prml-verify-action
#   - PyPI: falsify, falsify-inspect
#
# Out of scope:
#   - Studio 11 marketing site (studio-11.co)
#   - Third-party dependencies (report upstream)
#   - Phishing / brand impersonation (report to your registrar / hosting provider)