If you discover a security vulnerability in any Backend Glitch repository, please report it directly to:
Do not open a public issue. We respond within 48 hours.
| Repository | Security Updates |
|---|---|
| wasla, wasla_backend, wasla_management | Dependabot: weekly npm, monthly Actions |
| fabrix-web, fabrix-central | Manual review |
| all others | Best-effort |
Dependabot is enabled on all active repositories for:
- npm/pip/cargo package updates (weekly)
- GitHub Actions updates (monthly)
Vulnerability alerts and automated security fixes are enabled org-wide.