If you believe you've found a security issue in com.testingbot:testingbotrest or in the TestingBot service it talks to, please report it privately rather than opening a public GitHub issue.

Email: info@testingbot.com (subject line: "Security: testingbot-java ")

If you'd like to use PGP, the maintainer's public key is published on the common keyservers under the email above.

Please include:

• The version of testingbotrest you tested against
• A minimal reproduction (code snippet, request/response, etc.)
• Your assessment of impact and any suggested mitigation

We aim to acknowledge new reports within 3 business days and provide a fix or mitigation plan within 30 days. Disclosure timing will be coordinated with you.

Only the latest minor release line of testingbotrest is supported with security fixes. Older versions may receive backports at the maintainer's discretion.