GitHub for mobile

Synopsis

Bring GitHub collaboration tools to your small screens with GitHub for mobile.

Please see our severity guidelines for more information about how severities are calculated.

Focus areas

• Authentication and credential handling
• Mobile specific APIs
• Any protocol handlers, such as github://

Out of scope

• Push notifications are handled by a third-party system and are not in-scope for the GitHub bounty program.

Ineligible submissions

On-screen data is not hidden when backgrounding the app

The GitHub for mobile apps do not clear on-screen data when they are backgrounded. This is by design and does not present a security risk.

No jailbreak detection

The GitHub for mobile apps do not attempt to detect jailbreaked devices. This is by design and does not present a security risk.