Salmon is written in as secure a manner as possible and assumes that it is operating in a hostile environment. If you find Salmon doesn’t behave correctly given that constraint then please email If you want to send an encrypted report, then please use key id 0x878B5A2A1D47C084.

Salmon follows the same security reporting model that has worked for other open source projects: If you report a security vulnerability, it will be acted on immediately and a fix with complete full disclosure will go out to everyone at the same time.