Use this section to let people know which versions of your project are currently being supported with security updates.
Version | Supported |
---|---|
1.2.x | ✅ |
1.1.x | ✅ |
1.0.x | ❌ |
< 1.0 | ❌ |
Your contributions to the security of our project are greatly appreciated. If you've discovered a security vulnerability within the project, we encourage you to report it as soon as possible. Please follow these guidelines to communicate the issue responsibly.
If you believe you have found a security vulnerability, please send us an email at security@goatbytes.io. Provide a clear description of the issue, including how it can be reproduced, and, if possible, a code snippet or an executable test case demonstrating the vulnerability.
After submitting a vulnerability report, you should receive an acknowledgment of your report within 48 hours. Following this, the team will:
- Review your report and determine whether the vulnerability can be confirmed.
- Assign a severity level to the vulnerability according to its impact and urgency.
- Notify you of the progress towards a fix and full announcement.
- Work to remediate the issue through mutual agreement, ensuring that a fix is confirmed and an update is prepared and deployed.
Please keep your vulnerability report confidential until we have completed the fix and rollout process. The timeline for public disclosure depends on the severity of the issue and may involve coordinating with stakeholders and industry partners.
We strive to resolve all security issues in a timely and transparent manner. Collaboration and communication during the vulnerability disclosure process are vital. We appreciate your help in keeping our project safe and secure for everyone.
For more information on how to contribute or other ways to get involved with the project, check out our CONTRIBUTING.md.
Thank you for supporting our project and helping us ensure the security and reliability of our code!