Since version 1.0.2, code security scans are done by Sonar Cloud as an additional security layer.
Since it's first full release in version 1.0 all following versions are receiving security update released in new versions. Please note that versioning is continuous and packages with life-cycles or LTS are not available. To keep the latest secure version please use the latest stable release.
| Version | Supported |
|---|---|
| >= 1.0 | ✅ |
| < 1.0 | ❌ |
You can report a Vulnerability by:
- Createing an Github issue
- Contact us on Discord (We will then create the issue on Github)
When Reporting an security issue, please be specific as possible. At least the following information are mandatory:
- Nebucord version used
- PHP version used (PHP-CLI and core)
- OS type and version
- Client OS type and version if applicable (in case it affects an OS which the API communicates with (bot interactions i. e.))
- What happens with this Vulnerability
- Additional information (if applicable)