We release patches and updates to ensure the security of our software. Below is a list of supported versions:
| Version | Supported |
|---|---|
| 3.x.x | ✅ |
| < 3.0 | ❌ |
If you discover a security vulnerability in this repository, please report it to us directly. We take security issues seriously and will respond promptly to address the issue.
To report a vulnerability:
-
Email: Please send the details to engineers@safetycli.com. Include as much information as possible to help us understand the nature of the vulnerability and how it can be reproduced.
-
Bug Bounty Program: We offer a bug bounty program for qualifying vulnerabilities. Detailed information about the program, including eligibility and rewards, can be found on our Bug Bounty Program page.
We encourage our users to follow these best practices to ensure the security of their deployments:
- Always run the latest version of the software to benefit from security updates.
- Regularly review and update dependencies to avoid known vulnerabilities.
- Consider using containerization and sandboxing techniques to isolate the software from other parts of your system.
Please note that all participants in our community are expected to adhere to our Code of Conduct. This includes those participating in our security bounty program.
Thank you for helping to keep our project secure!