Skip to content

Security: jenarros/http4k

Security

SECURITY.md

Security Policy

Supported Versions

http4k is released on a regular basis, generally as soon as fixes are available. We recommend keeping http4k up-to-date in order that any changes to APIs will not need to be mixed in with security patches.

Version Supported
4.x
3.x and below

Reporting a Vulnerability

Please reach out to: security@http4k.org if you find a vulnerability with http4k code. Typically you can expect a response the same working day.

For vulnerabilities in third party dependencies, we monitor these separately and update as soon as a fix is released by the maintainers. Our normal policy is to fix-forward.

There aren’t any published security advisories