We provide security updates for the following versions of our project:
| Version | Supported |
|---|---|
| 1.1.x | ✅ |
| < 1.1 | ❌ |
If you discover a security vulnerability, we appreciate your cooperation in disclosing it responsibly. To report a vulnerability, please follow these steps:
-
Contact Method: Send an email to [email protected] with details about the vulnerability. Please refrain from publicly disclosing the vulnerability until it has been addressed by us.
-
Vulnerability Details: Provide as much information as possible about the vulnerability, including steps to reproduce, affected versions, and potential impact.
-
Response Time: We aim to acknowledge your report within 24 hours, and will work to validate and address the reported issue promptly.
-
Communication: You will receive periodic updates on the progress of your report. We will keep you informed about the steps taken to resolve the issue.
We request that you refrain from publicly disclosing vulnerabilities until we have had an opportunity to review and address them. We appreciate responsible disclosure and collaboration in ensuring a secure environment for all users.
-
Acceptance Criteria: Valid vulnerability reports will be assessed based on severity, impact, and reproducibility.
-
Resolution: If the vulnerability is accepted, we will work diligently to implement a fix. Once fixed, we will notify you and publicly acknowledge your contribution (if desired).
-
Declined Reports: If a reported issue does not meet our criteria, we will provide an explanation for the decision and offer guidance if applicable.
This security policy applies to all aspects of this project and its associated repositories.
Stay updated with security announcements and updates by periodically checking this repository for any security-related changes.
For any security-related inquiries or concerns, please contact [email protected].