BeforePaste handles secrets and PII from your clipboard. A vulnerability here can leak exactly the data the tool exists to protect, so please report issues privately and give us a chance to fix them before public disclosure.
Only the latest published release is supported. Fixes ship in a new release; older versions do not receive backports.
Do not open a public issue for security problems.
Report the issue privately by email to security@beforepaste.com.
If GitHub private vulnerability reporting is available on this repository, you may also use the repository's Security tab and choose Report a vulnerability.
Please include:
- Affected version (
beforepaste --version) and OS / desktop environment - A description of the issue and its impact
- Minimal reproduction steps
Do not paste real secrets in the report. Describe the format of any value (e.g. "an AWS access key") rather than the value itself.
We aim to acknowledge a report within a few days and to keep you updated on the fix and disclosure timeline. We will credit reporters who want it once a fix is released.