We take security seriously and will do our best to address security issues in a timely manner. Here is the list of versions that are currently being supported with security updates:
| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ |
If you discover a security vulnerability, please report it to us as soon as possible. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your report promptly.
- Email: Send an email to [email protected] with the subject line "Security Vulnerability in [Project Name]".
- Details: Include as much information as possible about the vulnerability. Please include:
- The steps to reproduce the vulnerability
- The potential impact
- Any possible mitigations or fixes
- Confidentiality: Please do not publicly disclose the vulnerability until we have had a chance to investigate and address it.
- We will acknowledge receipt of your report within 24 hours.
- We will provide an estimated timeframe for addressing the vulnerability.
- We will keep you informed of the progress as we work on a fix.
- Once the vulnerability is fixed, we will coordinate with you on an appropriate disclosure timeline.
While we work to ensure that [Project Name] is secure, it is also important for users to follow best practices to protect their deployments:
- Keep your software up to date with the latest versions.
- Regularly review and apply security patches.
- Use strong, unique passwords and enable multi-factor authentication (MFA) where possible.
- Regularly review your system logs and monitor for unusual activity.
- Backup your data regularly and verify the integrity of your backups.
If you have any questions or need further assistance, feel free to contact us at [email protected].
Thank you for helping us keep [Project Name] secure!