| Version | Supported |
|---|---|
| 0.6.x | Yes |
| < 0.6 | No |
If you discover a security vulnerability, please report it responsibly:
- Do not open a public GitHub issue
- Email security@gatewarden.eu with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- You will receive an acknowledgement within 48 hours
- We will work with you to understand and address the issue before any public disclosure
The following are in scope:
- Authentication and credential handling (
nxs_pat_*tokens) - Network communication (API requests, TLS)
- Local file system operations (workspace files, config)
- Install script (
install.sh)
We follow coordinated disclosure. We ask that you give us reasonable time to address the issue before making it public.