-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #11 from mdabir1203/mdabir1203-patch-11
Create SECURITY.md
- Loading branch information
Showing
1 changed file
with
31 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| Security Policy | ||
| Supported Versions | ||
| Security is a top priority for our project. This section outlines which versions of our project are currently receiving security updates. We encourage users to ensure they are using a supported version to receive the latest security patches. | ||
|
|
||
| Version Supported | ||
| 5.1.x :white_check_mark: | ||
| 5.0.x :x: | ||
| 4.0.x :white_check_mark: | ||
| < 4.0 :x: | ||
| Reporting a Vulnerability | ||
| We take the security of our project seriously and value your assistance in keeping it safe. If you have discovered a security vulnerability, we encourage you to report it to us as soon as possible. We ask you to follow the steps outlined below to ensure a swift and effective response. | ||
|
|
||
| How to Report a Vulnerability | ||
| Contact Us: Please report any security vulnerabilities by emailing us at security@example.com. Provide as much information as possible about the vulnerability, including how it can be reproduced. | ||
|
|
||
| Confidentiality: To protect our users, please keep the issue confidential until we have had the opportunity to address it. | ||
|
|
||
| Acknowledgment: We aim to acknowledge receipt of your report within 48 hours. | ||
|
|
||
| Updates: After acknowledging your report, we will keep you informed of our progress in addressing the issue, typically within one week. | ||
|
|
||
| Disclosure: Once the issue has been resolved, we will collaborate with you on the timing and content of any public announcement. | ||
|
|
||
| What to Expect | ||
| Assessment: We will investigate all reported vulnerabilities and assess the risk to our users and the project. | ||
| Response: If your report is accepted, we will work to address the vulnerability promptly. | ||
| Recognition: Contributors who responsibly report vulnerabilities will be acknowledged in our project releases, if they wish. | ||
| Declination: If we determine that the issue does not constitute a security vulnerability, we will provide an explanation. | ||
| We appreciate your efforts in responsibly disclosing your findings and helping us maintain the security and integrity of our project. | ||
|
|
||
| Feel free to customize the contact details and the process according to your project's requirements. It's crucial to have a clear, accessible, and well-communicated security policy to encourage responsible vulnerability reporting and maintain trust in your project. |