Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Replaced static-analysis.yml with continuous-integration.yml in stati…
…c badge and added SECURITY.md
- Loading branch information
1 parent
c359278
commit 9784aab
Showing
2 changed files
with
40 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
# Security Policy | ||
|
||
## Supported Versions | ||
|
||
|
||
| Version | Supported | PHP Version | | ||
|---------|--------------------|------------------------------------------------------------------------------------------------------------------------| | ||
| 3.x | :white_check_mark: | ![PHP from Packagist (specify version)](https://img.shields.io/packagist/php-v/dotkernel/dot-user-agent-sniffer/3.4.0) | | ||
| <= 2.x | :x: | | | ||
|
||
|
||
## Reporting Potential Security Issues | ||
|
||
If you have encountered a potential security vulnerability in this project, | ||
please report it to us at <security@dotkernel.com>. We will work with you to | ||
verify the vulnerability and patch it. | ||
|
||
When reporting issues, please provide the following information: | ||
|
||
- Component(s) affected | ||
- A description indicating how to reproduce the issue | ||
- A summary of the security vulnerability and impact | ||
|
||
We request that you contact us via the email address above and give the | ||
project contributors a chance to resolve the vulnerability and issue a new | ||
release prior to any public exposure; this helps protect the project's | ||
users, and provides them with a chance to upgrade and/or update in order to | ||
protect their applications. | ||
|
||
|
||
## Policy | ||
|
||
If we verify a reported security vulnerability, our policy is: | ||
|
||
- We will patch the current release branch, as well as the immediate prior minor | ||
release branch. | ||
|
||
- After patching the release branches, we will immediately issue new security | ||
fix releases for each patched release branch. |