Skip to content

Security: mooship/laterite

Security

Report a vulnerability

.github/SECURITY.md

πŸ›‘οΈ Security Policy

πŸ”’ Security Overview

At The Red Soil, we take security seriously. This document outlines our security policy and procedures for reporting and handling security vulnerabilities.

🚨 Reporting Security Vulnerabilities

If you discover a security vulnerability in this project, please help us by reporting it responsibly.

πŸ“§ How to Report

  • Email: Send security reports to contact@theredsoil.co.za
  • Do NOT create public GitHub issues for security vulnerabilities
  • Do NOT disclose vulnerabilities publicly until they have been addressed

πŸ“ What to Include

When reporting a security vulnerability, please include:

  • A clear description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact and severity
  • Any suggested fixes or mitigations
  • Your contact information for follow-up (optional)

⏳ Response Process

Security reports will be reviewed and addressed as time permits. We appreciate your patience and responsible disclosure. Critical vulnerabilities will be prioritized and addressed promptly.

πŸ›‘οΈ Security Measures

πŸ”„ Current Security Practices

  • Dependency Updates: Dependencies are updated when possible
  • Code Review: Changes are reviewed before merging when feasible
  • HTTPS: Site uses HTTPS for secure connections
  • Basic Security: Standard web security practices are implemented

πŸ”§ Security Updates

πŸ“’ Staying Informed

  • Watch this repository for security advisories
  • Follow our social media for important updates
  • Subscribe to security mailing list (contact us to join)

πŸ”„ Updating Dependencies

We update dependencies to address security vulnerabilities when they become available and can be implemented.

πŸ“‹ Vulnerability Classification

⚠️ Severity Levels

  • Critical: Immediate threat to user data or system integrity
  • High: Significant security risk with potential for exploitation
  • Medium: Security weakness with limited exploitation potential
  • Low: Minor security improvements needed

πŸ“£ Disclosure Policy

  • We follow responsible disclosure practices
  • Vulnerabilities will be addressed based on severity and available resources
  • Credit is given to security researchers who report issues
  • Security updates are documented when possible

πŸ™ Acknowledgments

We appreciate the security research community for helping keep our project and users safe. Security researchers who responsibly disclose vulnerabilities will be acknowledged.

πŸ“ž Contact

For security reports: contact@theredsoil.co.za

Last Updated: November 1, 2025

There aren’t any published security advisories