Apache Nutch's security model and disclosure process are published on the project website rather than in the repository:
- Threat and security model: https://nutch.apache.org/documentation/security/#security-model
- Security policy, vulnerability reporting, advisories, and CVEs: https://nutch.apache.org/documentation/security/
The project website is the authoritative source; this file
exists so agents and tooling that look for SECURITY.md in
the repository can mechanically follow the link to the
canonical documents.
Please report any security issues to security@apache.org.