# Security

For the protection of our community, the Pkl team does not disclose, discuss, or confirm security issues until our investigation is complete and any necessary updates are generally available.

## Reporting a security vulnerability

If you have discovered a security vulnerability within the Pkl project, please report it to us.
We welcome reports from everyone, including security researchers, developers, and users.

Security vulnerabilities may be reported on the [Report a vulnerability](https://security.apple.com/submit) form.
When submitting a vulnerability, select "Apple Devices and Software" as the affected platform, and "Open Source" as the affected area.

For more information, see https://pkl-lang.org/security.html.