Skip to content

Latest commit

 

History

History
14 lines (10 loc) · 1.02 KB

SECURITY.md

File metadata and controls

14 lines (10 loc) · 1.02 KB

Security Policy

Supported Versions

By default, only the latest version of the library is supported. Security patches may be backported to older versions, but only in exceptional circumstances.

Reporting a Vulnerability

  • Suspected security vulnerabilities should not be discussed publicly. Do not open an issue using the normal issue tracker.
  • Create your own fork of this project
  • Create a Security Advisory in your fork. Do not worry about getting all the settings correct initially.
  • Grant access to the my username (pjfanning) so that I can see the description of the issue and comment.
  • If I accept that there is a vulnerability, I move the Security Advisory to this project and add all the parties from the fork advisory as collaborators.
  • I will try to get a fix, a release and CVE assignment done as quickly as I can.