Skip to content

Security: aaronkwhite/linear-cli

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in linear-cli, please report it responsibly.

Do not open a public issue.

Instead, use GitHub's private vulnerability reporting.

Scope

linear-cli handles Linear API keys. Security issues we care about:

  • API key leakage (logging, error messages, crash dumps)
  • Command injection via user input
  • Dependency vulnerabilities

Response

We aim to acknowledge security reports within 48 hours and provide a fix or mitigation plan within 7 days.

There aren’t any published security advisories