Square recognizes the important contributions the security research community can make. We therefore encourage reporting security issues with the code contained in this repository.
If you believe you have discovered a security vulnerability, please report it through Square's Open Source bug bounty program on Bugcrowd. We will try to get back to you as soon as possible.