
Security: Curtis-Thomas/vetrl


SECURITY.md

Security Policy

Supported Versions

This section will be updated as the project grows.

| Version | Supported |
| ------- | --------- |
| 5.1.x   | ✅        |
| 5.0.x   | ❌        |
| 4.0.x   | ✅        |
| < 4.0   | ❌        |

Reporting a Vulnerability

We appreciate and encourage responsible disclosure of security vulnerabilities by the community. To report a vulnerability, please follow these guidelines:

Email: Send an email to security@yourproject.com with the subject line "Security Vulnerability Report".

Provide Details: In your email, provide a clear and detailed description of the vulnerability you discovered. Include any steps, code samples, or proof-of-concept examples that can help us understand and reproduce the vulnerability.

Encryption (Optional): If you believe it's necessary, you can encrypt your email using our PGP key. Contact us via security@yourproject.com to request the PGP key.

Response Time: We strive to respond to vulnerability reports promptly. You can expect an initial response acknowledging receipt of your report within [specify time frame, e.g., 48 hours].

Investigation and Mitigation: Our security team will conduct a thorough investigation of the reported vulnerability. We may reach out to you for further clarification or details during this process.

Disclosure and Fix: Once a vulnerability is confirmed and addressed, we will develop a fix and release a security update. The timing of the release will depend on the severity and complexity of the vulnerability. We will keep you informed about the progress and expected release date.

Acknowledgment: We greatly appreciate the efforts of those who report vulnerabilities to us. If you wish to be acknowledged for your contribution, please let us know in your initial email. We can credit you publicly or keep your report anonymous as per your preference.

We are committed to ensuring the security of our project and appreciate your assistance in making it better. Thank you for helping us create a safe and secure environment for our users.

Note: Please do not disclose any vulnerabilities publicly until we have had a chance to investigate and provide a fix.

There aren’t any published security advisories