Sources of Security Information

Security is a priority for the NixOS community. The communication channels on security in the Nix ecosystem are:

• Discourse announcements on security
• Security Triage Matrix room for triaging issues and coordinating mitigations
• Security Discussions Matrix room for discussions around security
• GitHub Security Advisories on Nixpkgs or NixOS and Nix
• GitHub issues related to security on NixOS, Nixpkgs, Nix

If the above sources are not enough to answer your question, please reach out to the team.

Security Disclosures

To privately report a security issue with NixOS, Nix, and its ecosystem, please email a member of the NixOS Security Team and we will ensure the issue is handled.

• Martin Weinelt
  Email: hexa@darmstadt.ccc.de
  GPG Fingerprint: F7D6 7CFB F2CA 32F1 641A 03DB 0D9F 7008 4786 0BC5

• Robert Scott
  Email: secure@humanleg.org.uk
  GPG Fingerprint: 8868 8AE4 8AE6 3195 BCF5 F732 3A7B 7B7A 2611 CE25

• Thomas Gerbet
  Email: thomas@gerbet.me
  GPG Fingerprint: 565E 4C95 E256 878A F684 6EB3 F1B9 7D51 AE83 1DC0