SECURITY.md

Security Policy

Reporting a Vulnerability

If you believe you've identified a security vulnerability in dfts-helper, dfts-qrcode, dfx-helper, dfx-qrcode, dfx-bootstrap-table or dfx-bootstrap-icons (a bug that allows something to happen that shouldn't be possible), you can reach us at [email protected].

You will receive a response from us within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but likely within a few days.

Scope

We only fix vulnerability in the code distributed through our main source code repository on GitHub. Vulnerabilities that are specific to a given installation (e.g. misconfiguration) should be reported to the owner of that installation and not us.

Supported Versions

dfts-helper

Version	Supported
1.x.x	✅
< 1.0	❌

dfts-qrcode

Version	Supported
1.x.x	✅
< 1.0	❌

dfx-helper

Version	Supported
9.x.x	✅
8.x.x	✅
< 8.0	❌

dfx-qrcode

Version	Supported
4.x.x	✅
3.x.x	✅
< 3.0	❌

dfx-bootstrap-table

Version	Supported
5.x.x	✅
4.x.x	✅
3.x.x	❌
2.x.x	❌
< 2.0	❌

dfx-bootstrap-icons

Version	Supported
3.x.x	✅
2.x.x	✅
1.x.x	❌
< 1.0	❌