The OpenFermion developers and community take security bugs in OpenFermion seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

Please do not use GitHub issues to report security vulnerabilities; GitHub issues are public, and doing so could allow someone to exploit the information before the problem can be addressed. Instead, please use the GitHub "Report a Vulnerability" interface from the Security tab of the OpenFermion repository.

Please report security issues in third-party modules to the person or team maintaining the module rather than the OpenFermion project stewards, unless you believe that some action needs to be taken with OpenFermion in order to guard against the effects of a security vulnerability in a third-party module.

The project stewards at Google Quantum AI will send a response indicating the next steps in handling your report. After the initial reply to your report, the project stewards will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

Please contact the project stewards at Google Quantum AI via email at [email protected] if you have questions or other concerns. If for any reason you are uncomfortable reaching out to the project stewards, please email [email protected] instead.