GitHub Mobile
Synopsis
Bring GitHub collaboration tools to your small screens with GitHub Mobile.
Please see our severity guidelines for more information about how severities are calculated.
Focus areas
- Authentication and credential handling
- Mobile specific APIs
- Any protocol handlers, such as
github://
Out of scope
- Push notifications are handled by a third-party system and are not in-scope for the GitHub bounty program.
Ineligible submissions
- On-screen data is not hidden when backgrounding the app
The GitHub Mobile apps do not clear on-screen data when they are backgrounded. This is by design and does not present a security risk.
- No jailbreak detection
The GitHub Mobile apps do not attempt to detect jailbreaked devices. This is by design and does not present a security risk.