Use this section to tell people about which versions of your project are currently being supported with security updates.
| Version | Supported |
|---|---|
| 0.0.1 | nope |
| 0.0.2 | nope |
| 0.0.3 | ✅ |
How to Report a Vulnerability
Contact Us: Please send your report via email to [[email protected]]. This will ensure that it reaches the right us quickly.
Provide Details: Include as much information as possible about the vulnerability, such as the steps to reproduce it, its potential impact, and any suggestions you have for a fix.
Our Response Process
Upon receiving your report, here's what you can expect from us:
Acknowledgement: We aim to acknowledge receipt of your report within 48 hours.
Communication: We'll keep you updated on our progress. Expect an update at least every 72 hours until the issue is resolved.
Confidentiality: We ask that you keep the issue confidential until we've had a chance to address it. We'll coordinate with you on public disclosure.
Resolution: We'll work diligently to resolve the issue. If your report is accepted, we'll notify you of the resolution and any steps we're taking to prevent similar issues in the future.
Recognition: Contributors who responsibly report vulnerabilities will be acknowledged (if desired) in our public communications about the issue.
Policy on Accepted and Declined Reports
Accepted Reports: If we confirm the vulnerability and its impact, we'll work with you to validate and address it.
Declined Reports: If we determine that the report doesn't represent a real vulnerability, or it's not applicable to our project, we'll let you know why.
Thank you for helping us keep our software secure.