Imagine that you discover a fork condition between V1 and V2 of bitcoin core.
Surely enough, this should be reported to github, and test data must be updated.
No, please report security-critical issues (including consensus bugs) to the bitcoin-security mailing list:
bitcoin-security@lists.sourceforge.netI'd just like to know why you would consider it better than provoking the fork on purpose.
As I said, if published before being exploited, then it can potentially be used maliciously by someone in bitcoin-security mailing list, making more damage that if the discoverer just provoke it, then publish it after.