Skip to content

Security: ringlesoft/laravel-process-approval

Security

SECURITY.md

Security Policy

Supported Versions

The following versions of laravel process approval package are currently being supported with security updates.

Version Supported
1.0.x

Reporting a Vulnerability

We take the security of the Laravel Process Approval package seriously. If you have discovered a vulnerability, we appreciate your assistance in disclosing it responsibly. This ensures that we can address and resolve the issue promptly to maintain the security of our users.

Reporting Process

To report a vulnerability, please follow these steps:

  • Email: Send an email to ringunger@gmail.com with the subject "Security Vulnerability Report."

  • Include Details: In your email, provide detailed information about the vulnerability. Include steps to reproduce the issue, potential impact, and any other relevant details that can help us understand and address the problem.

  • Contact Information: Include your contact information, including your name and any preferred method of communication (email, phone, etc.).

  • Encryption: If the vulnerability details are sensitive, you can use our PGP key for encryption. Contact us via email to request the PGP key.

Response Time

We strive to acknowledge all vulnerability reports promptly. Our team will review the report, and you can expect an initial response within 48 hours.

Vulnerability Handling

Accepted Vulnerabilities

If the reported vulnerability is accepted, we will work on a fix and release a new version of the Laravel Process Approval package. We will credit you for the responsible disclosure unless you prefer to remain anonymous.

Declined Vulnerabilities

If the reported vulnerability is deemed not to be a valid issue, we will provide a detailed explanation of our findings. You can appeal our decision if you believe there has been a misunderstanding.

Confidentiality

We understand the sensitivity of security-related information. We will handle all reports with the utmost confidentiality. Please let us know if there are specific concerns or limitations regarding the disclosure of the vulnerability.

Responsible Disclosure

We appreciate your responsible disclosure of security vulnerabilities. We encourage you to avoid publicizing the vulnerability until we have had an opportunity to address it. We will keep you informed of the progress and coordinate the public disclosure timeline.

Thank you for helping us keep Laravel Process Approval secure for everyone. Your efforts contribute to the safety and well-being of our user community.

There aren’t any published security advisories