Skip to content

Security: NovaDNG/rune

Security

SECURITY.md

Security Policy

Supported Versions

Rune is currently in the development phase and has not yet reached a stable release. As such, we only provide security updates for the latest development version. We encourage users to keep their installations up-to-date to benefit from the latest security enhancements.

Reporting a Vulnerability

If you discover a security vulnerability in Rune, we encourage you to report it to us promptly. Please follow these guidelines to ensure a smooth and effective resolution process:

  1. Draft an Issue: Report the issue directly in the issue section of this project.

  2. Details: Include as much detail as possible about the vulnerability. This should include the version of Rune you are using, steps to reproduce the issue, and any potential impact.

  3. Response Time: Upon receipt of your report, we will acknowledge it within a week. We will provide you with regular updates on the status of the investigation, typically every 5-7 business days.

  4. Resolution Process: If the vulnerability is confirmed, we will work on a fix and aim to release it as quickly as possible. You will be credited for the discovery unless you wish to remain anonymous. If the vulnerability is declined, we will provide a detailed explanation.

Thank you for helping us keep Rune secure. Your efforts are greatly appreciated.

There aren’t any published security advisories