Security: Adchitects/configs

SECURITY.md

Security Policy

🔒 We will do our best, to the best of our knowledge, to provide maximum security when you are using our open-sourced projects.

If you are only looking for the process for reporting an issue, skip ahead to the Reporting section.


Static Application Security Testing

⚙️ We are using the following SAST tools/services in our projects to maintain the security aspect:

| Tool / Service | Purpose | Usage |
| --- | --- | --- |
| DeepScan | Analyzes JavaScript projects, targeting runtime errors and quality issues. | Installed GitHub Apps* - DeepScan app |
| GitGuardian | Scans source code to detect API keys, passwords, certificates, encryption keys and other sensitive data. | Installed GitHub Apps* - GitGuardian app; GitHub Actions* workflows: ci-cd*, scheduled* |
| Snyk | Vulnerability scanner for the project codebase. | Installed GitHub Apps* - Snyk app; GitHub Actions* workflows: ci-cd*, scheduled* |

Dependency management

In order to ensure that our project dependencies stay up to date and secure, we use the following tools/services:

| Tool / Service | Purpose | Usage |
| --- | --- | --- |
| Deadpendency | Automated checks that project dependencies remain healthy over time. | Installed GitHub Apps* - Deadpendency app |
| Renovate | Automated dependency updates in projects. | Installed GitHub Apps* - Renovate app |

Annotations

GitHub Actions

Configured as GitHub Actions workflows inside the public repositories of our GitHub organisation, in the directory ./.github/workflows.

Continuous Integration and Delivery

Configured in the ./.github/workflows/ci-cd.yml workflow file.
It runs on every push or pull request to the main branch.

Scheduled

Configured in the ./.github/workflows/scheduled.yml workflow file.
It runs on the main branch at a specified interval (no more than once a week).

GitHub Apps

The application is installed within our organisation with access to our public repositories.
It runs on every push or pull request.
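As an added example (not the repository's own workflow file), a scheduled.yml that matches the triggers described above: a weekly cron run, which GitHub executes on the default (main) branch, invoking the GitGuardian and Snyk scanners from the tables above via their CLIs. The exact schedule, the CLI invocations and the secret names are assumptions; the ci-cd.yml counterpart would use `on: push` / `on: pull_request` with `branches: [main]` instead of `schedule`.

```yaml
# .github/workflows/scheduled.yml (assumed contents; example added here, not Adchitects' own file)
name: Scheduled security scans

on:
  schedule:
    - cron: '0 6 * * 1'   # Mondays at 06:00 UTC: once a week, within the policy's limit
  workflow_dispatch:       # lets maintainers trigger the same scan on demand

# Least privilege: the scans only need to read repository contents
permissions:
  contents: read

jobs:
  secrets-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0          # full history so the whole repo, not just HEAD, is scanned
      - uses: actions/setup-python@v5
        with:
          python-version: '3.x'
      - name: GitGuardian secret scan (assumed CLI invocation)
        run: |
          pip install ggshield
          ggshield secret scan repo .
        env:
          # stored as a repository/organisation secret, never in the workflow file
          GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}

  dependency-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: '20'
      - name: Snyk vulnerability scan (assumed CLI invocation)
        run: |
          npm install -g snyk
          snyk test --severity-threshold=high   # fail the job on high/critical findings
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```

A failing job here surfaces as a red check on the main branch, which is what makes the weekly run actionable rather than merely informational.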


Reporting

📟 If you have found a security issue, or have any concerns or doubts regarding privacy rights, please get in touch with us.
There are two possible options (the first is recommended):

  1. Create GitHub's Security Advisory in the specific project repository where the security issue exists (in the Security tab/pane).
  2. Traditionally, via email: dev@adchitects.co.

⚠️ We are all ears, but please, DO NOT create a GitHub issue for reporting a vulnerability.

Vulnerability report process

  1. 🗓️ Our team should acknowledge your report within 7 days.

  2. 🕵️ The team will investigate and update the issue with relevant information.

    1. ❌ If the team does NOT confirm the report, no further action will be taken by us. We will be sure to inform you regarding this result.
    2. ✅ If the team confirms the report, the team will take action to fix it immediately:
      1. Commits will be handled in a private repository for review and testing.
      2. Release a new patch version from the private repository.
      3. Write an announcement post disclosing the vulnerability.
