| Version | Supported |
|---|---|
| 1.0.x | ✅ |
| < 1.0 | ❌ |
We take the security of our project seriously. If you discover a security issue, please follow these steps to report it:
-
Contact us privately: Send a message using the the "Report a vulnerability" button at the top of this page with details of the vulnerability. Please do not disclose the issue publicly until we have had a chance to address it.
-
Provide detailed information:
- Include a clear and detailed description of the vulnerability.
- Provide steps to reproduce the vulnerability or a proof-of-concept.
- Let us know which versions of the project are affected.
-
Response time:
- You will receive an acknowledgment of your report within 48 hours.
- Our security team will work to validate and reproduce the reported vulnerability.
-
Resolution:
- Once validated, our team will work to address the vulnerability promptly.
- We will keep you informed of the progress towards a resolution.
-
Public disclosure:
- The security team will coordinate with you on an appropriate timeline for public disclosure if needed.
- We appreciate your patience and responsible disclosure during this process.
-
Vulnerability acceptance/declination:
- If the reported vulnerability is accepted, appropriate credit will be given to the reporter.
- If the vulnerability is declined, we will provide a detailed explanation of the decision.
We appreciate your contribution to the security of our project and thank you for your cooperation.