If you discover a security vulnerability in Abaan-Django, we appreciate your responsible disclosure. To report a security issue, please follow these steps:
-
Do Not Publicly Disclose: Please do not publicly disclose the vulnerability until it has been addressed by the maintainers.
-
Contact Us: You can report the security vulnerability by sending an email to [email protected]. Please include a detailed description of the vulnerability, the potential impact, and steps to reproduce (if applicable).
-
Response: We will acknowledge your report within 7 days and work with you to confirm and understand the issue.
-
Patch and Disclosure: Once the vulnerability is confirmed, we will work on fixing the issue. After the fix is released, we will provide proper credit to the reporter (unless otherwise requested) and disclose the details of the vulnerability.
The security policy applies to the latest release of Abaan-Django. We do not provide security support for older versions.
| Version | Supported |
|---|---|
| 1.0 | ✅ |
| < 1.0 | ❌ |
We take security seriously and continuously strive to ensure the safety of the project. Here are some of the measures we follow:
-
Regular Code Audits: Our codebase is regularly audited for potential security issues.
-
Bug Bounty Program: We do not currently have a bug bounty program, but we encourage responsible disclosure of security vulnerabilities.
-
Secure Dependencies: We use the latest versions of dependencies and third-party libraries that have not been flagged for security issues.
-
Timely Updates: Security patches and updates are promptly applied to the project.
We expect all contributors and users to follow responsible disclosure practices when reporting security vulnerabilities. Publicly disclosing security vulnerabilities without following responsible disclosure practices can harm the project and its users.
We appreciate the collaborative efforts of our community in identifying and resolving security issues. Together, we can make Abaan-Django a safer environment for all users.
Please note that this Security Policy may be updated or modified over time. We encourage all users to stay informed about security-related matters by periodically checking this page.
Thank you for your contributions to Abaan-Django's security and safety!