The following versions of DataQuerying are currently supported and receive security updates:
| Version | Supported |
|---|---|
| 1.0.x | ✅ |
If you discover a security vulnerability, please follow these steps:
-
Do Not Report Publicly:
- Avoid publicly disclosing the vulnerability (e.g., opening an issue or PR) to prevent potential exploitation.
-
Contact Us Securely:
- Email [email protected] with the following information:
- A detailed description of the vulnerability.
- Steps to reproduce the issue.
- The potential impact of the vulnerability.
- Any suggested fixes or patches.
- Email [email protected] with the following information:
-
Response Time:
- We will acknowledge receipt of your report within 48 hours.
- We aim to provide a resolution or mitigation plan within 7-14 days, depending on the severity and complexity.
To ensure the security of your deployment:
- Always use the latest version of the project.
- Keep dependencies up to date.
- Review and test your configuration before deploying.
We follow a coordinated disclosure policy:
- Once a fix is developed, we will notify the affected users before releasing the patch.
- If you report a vulnerability, we will credit you (if desired) in the release notes, unless anonymity is requested.
If you have any other security-related questions, feel free to reach out to us at [email protected].