Skip to content

Latest commit

 

History

History
29 lines (18 loc) · 1.55 KB

SECURITY.md

File metadata and controls

29 lines (18 loc) · 1.55 KB

Security Policy

Supported Versions

The following versions of the project are currently supported with security updates.

Version Supported
2.15.x
2.14.x
2.13.x
< 2.12

Reporting a Vulnerability

We encourage responsible disclosure of security vulnerabilities. If you discover a vulnerability, please report it to us privately to allow time for remediation.

How to Report

  1. Private Disclosure: Use GitHub's Security Advisories feature to report a vulnerability. This ensures the report remains private and secure. You can create a private security advisory here.

Reporting Guidelines

  • Expected Response Time: We aim to acknowledge vulnerability reports within 7 days. Actual resolution times may vary depending on the complexity and severity of the issue.
  • After Reporting: Once a vulnerability is reported, we will acknowledge the report and provide regular updates until the issue is resolved. If the vulnerability is accepted, it will be prioritized and patched in a timely manner. If declined, we will provide a clear reason for the decision.

Please do not disclose any security vulnerabilities publicly until they have been addressed.

Thank you for helping to keep our project secure!