From 377234ad8ed7b15667662250166c1bac6327c879 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebasti=C3=A1n=20Ram=C3=ADrez?= Date: Mon, 7 Jun 2021 14:55:40 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20Create=20Security=20Policy?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- SECURITY.md | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000000..322f95f629ccf --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,31 @@ +# Security Policy + +Security is very important for FastAPI and its community. 🔒 + +Learn more about it below. 👇 + +## Versions + +The latest versions of FastAPI are supported. + +You are encouraged to [write tests](https://fastapi.tiangolo.com/tutorial/testing/) for your application and update your FastAPI version frequently after ensuring that your tests are passing. This way you will benefit from the latest features, bug fixes, and **security fixes**. + +You can learn more about [FastAPI versions and how to pin and upgrade them](https://fastapi.tiangolo.com/deployment/versions/) for your project in the docs. + +## Reporting a Vulnerability + +If you think you found a vulnerability, and even if you are not sure about it, please report it right away by sending an email to: security@tiangolo.com. Please try to be as explicit as possible, describing all the steps and example code to reproduce the security issue. + +I (the author, [@tiangolo](https://twitter.com/tiangolo)) will review it thoroughly and get back to you. + +## Public Discussions + +Please restrain from publicly discussing a potential security vulnerability. 🙊 + +It's better to discuss privately and try to find a solution first, to limit the potential impact as much as possible. + +--- + +Thanks for your help! + +The FastAPI community and I thank you for that. 🙇