This security policy only applies to asdf core, which is the code contained in this repository. All plugins are the responsibility of their creators and are not covered under this security policy.
Typically only the latest version is maintained. Versions are released sequentially, with major, minor, and patch versions incremented as necessary. If a vulnerability is found in an old version of asdf, updating to the latest version of asdf will be required.
Version | Supported |
---|---|
0.8.x | ✅ |
0.7.x | ❌ |
0.6.x | ❌ |
0.5.x | ❌ |
0.4.x | ❌ |
0.3.x | ❌ |
0.2.x | ❌ |
0.1.x | ❌ |
To report a vulnerability please contact one of:
- @Stratus3D via email: see https://stratus3d.com/contact/ for email. PGP is not setup for this email address.
- @danhper via email: see https://daniel.perez.sh/ for email and PGP key
- @jthegedus via email: see https://github.com/jthegedus for email. PGP is not setup for this email address.
- TODO: Add secure contact methods of others on the core team.