If you have an issue with a credit card charge, please read to the end of this page.

We’re committed to working with the developer and security communities to identify any vulnerabilities and ensure that our platform is as safe as can be.

If you want to bring a technical issue to the attention of our software security team, send an email to GPG-signed mail is preferred; you may use our public key to encrypt any potentially sensitive information. We'll try to respond with in 48 hours.

If you do spot a real, live bug in production, you’ll win yourself a bounty of $1,000 (and perhaps a job interview).

Sites hosted by third parties, such as our blog, tutorial/FAQ, and social media accounts, are not within the scope of this program.

We can only respond to software-related questions at this email address, and our software security team cannot access donor information such as credit cards and cannot refund charges. If you are looking at this page because you want to cancel a contribution, please contact our customer service team at or by using the contact form.