Skip to content

Latest commit

 

History

History
54 lines (38 loc) · 2.26 KB

SECURITY.md

File metadata and controls

54 lines (38 loc) · 2.26 KB

Security Policy

Supported Versions

Use this section to let people know which versions of your project are currently being supported with security updates.

Version Supported
1.2.x
1.1.x
1.0.x
< 1.0

Reporting a Vulnerability

Your contributions to the security of our project are greatly appreciated. If you've discovered a security vulnerability within the project, we encourage you to report it as soon as possible. Please follow these guidelines to communicate the issue responsibly.

How to Report a Security Vulnerability?

If you believe you have found a security vulnerability, please send us an email at [email protected]. Provide a clear description of the issue, including how it can be reproduced, and, if possible, a code snippet or an executable test case demonstrating the vulnerability.

What to Expect

After submitting a vulnerability report, you should receive an acknowledgment of your report within 48 hours. Following this, the team will:

  • Review your report and determine whether the vulnerability can be confirmed.
  • Assign a severity level to the vulnerability according to its impact and urgency.
  • Notify you of the progress towards a fix and full announcement.
  • Work to remediate the issue through mutual agreement, ensuring that a fix is confirmed and an update is prepared and deployed.

Public Disclosure Timing

Please keep your vulnerability report confidential until we have completed the fix and rollout process. The timeline for public disclosure depends on the severity of the issue and may involve coordinating with stakeholders and industry partners.

We strive to resolve all security issues in a timely and transparent manner. Collaboration and communication during the vulnerability disclosure process are vital. We appreciate your help in keeping our project safe and secure for everyone.

More Information

For more information on how to contribute or other ways to get involved with the project, check out our CONTRIBUTING.md.

Thank you for supporting our project and helping us ensure the security and reliability of our code!