Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🔒 add Security Policy #619

Merged
merged 2 commits into from
May 17, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 45 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# Security Policy

## Supported Versions

| Version | Supported |
|---------|--------------------|
| 8.x.x | :white_check_mark: |
| 7.x.x | :x: |
| 6.x.x | :x: |
| 5.x.x | :x: |
| 4.x.x | :x: |
| 3.x.x | :x: |
| 2.x.x | :x: |
| 1.x.x | :x: |
| 0.x.x | :x: |


## Reporting a Vulnerability

We take the security of our software seriously. If you believe you have found a security vulnerability, please report it
to us as described below.

**DO NOT CREATE A GITHUB ISSUE** reporting the vulnerability.

Instead, send an email to [techouse@gmail.com](mailto:techouse@gmail.com).

In the report, please include the following:

- Your name and affiliation (if any).
- A description of the technical details of the vulnerabilities. It is very important to let us know how we can
reproduce your findings.
- An explanation who can exploit this vulnerability, and what they gain when doing so -- write an attack scenario. This
will help us evaluate your submission quickly, especially if it is a complex or creative vulnerability.
- Whether this vulnerability is public or known to third parties. If it is, please provide details.

If you don’t get an acknowledgment from us or have heard nothing from us in a week, please contact us again.

We will send a response indicating the next steps in handling your report. We will keep you informed about the progress
towards a fix and full announcement.

We will not disclose your identity to the public without your permission. We strive to credit researchers in our
advisories when we release a fix, but only after getting your permission.

We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your
contributions.