Skip to content

Latest commit

 

History

History
46 lines (29 loc) · 1.95 KB

SECURITY.md

File metadata and controls

46 lines (29 loc) · 1.95 KB

Security Policy

Supported Versions

We currently support the following versions with security updates:

Version Supported
>=0.6.0
<= 0.5.9

Reporting a Vulnerability

If you discover a security vulnerability, please do the following:

  1. Do not open an issue describing the vulnerability. This could expose the vulnerability to the public.
  2. Use GitHub's private vulnerability reporting feature to report the vulnerability directly. You can do this by using Github's private reporting feature of the repository and clicking "Report a vulnerability".
  3. Alternatively, you can contact us directly at [email protected] with the following details:
    • A description of the vulnerability and its impact.
    • Steps to reproduce the vulnerability.
    • Any potential fixes you have in mind.

We will acknowledge your report within 48 hours and work with you to understand and address the issue promptly. We will keep you updated on our progress.

Preferred Languages

We prefer all communications to be in English.

Public Disclosure Policy

  • We will work with you to make a coordinated disclosure.
  • Once a fix is implemented, we will release it and publish a security advisory.
  • We will credit you for the discovery of the vulnerability if you wish to be credited.

Security Updates

  • We aim to release security updates as soon as possible after a vulnerability is discovered.
  • Security updates will be listed in the CHANGELOG with a detailed description of the changes.

Thank You

We appreciate your efforts to improve the security of our project. Thank you for helping keep our project and community safe!

Contact

For any further questions regarding our security policy, please contact us at [email protected].