-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(security): create security policy file (#5)
- Loading branch information
Showing
1 changed file
with
49 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| # Security Policy | ||
|
|
||
| ## Introduction | ||
|
|
||
| This document outlines the security policy for this project. Our goal is to protect all information and infrastructure related to this project from unauthorized access and alterations. | ||
|
|
||
| ## Secure Versions | ||
|
|
||
| The table below outlines which versions of our project are currently receiving security updates. We strongly recommend using the latest supported version to ensure your application remains secure. | ||
|
|
||
| | Version | Secure | | ||
| | ------- | ------ | | ||
| | main branch | :question: | <!-- Update this with :white_check_mark: or :x: based on current support status --> | ||
| | 2024.0.0 | :white_check_mark: | | ||
|
|
||
| Please note that the `main branch` row indicates the current state of the main development branch. | ||
| If you're using a version not listed here, it is not currently supported with security updates, and we recommend upgrading to a supported version. | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| We take the security of our project seriously. If you have discovered a potential security issue, we appreciate your help in disclosing it to us in a responsible manner. | ||
|
|
||
| - **Please do not report security vulnerabilities through public GitHub issues.** | ||
|
|
||
| ### How to Report a Security Vulnerability? | ||
|
|
||
| If you believe you have found a security vulnerability in our project, please send a report to us by: | ||
|
|
||
| 1. **Creating an issue**: Go to the Issues section of our GitHub repository and create a new issue. Describe the vulnerability as much as you can without disclosing any sensitive information. After we assess the issue, we will communicate with you through the issue tracker. | ||
|
|
||
| 2. **Contacting the project team directly**: If the issue is sensitive, please email the project team directly. (Provide contact email or method here). | ||
|
|
||
| ### What to Include in a Vulnerability Report? | ||
|
|
||
| Your report should include: | ||
|
|
||
| - The location and nature of the potential security issue. | ||
| - Any details about how the vulnerability can be exploited. | ||
| - If possible, a description of the potential impact of the vulnerability. | ||
| - Steps to reproduce the issue or a proof-of-concept. | ||
|
|
||
| ## Policy Updates | ||
|
|
||
| This security policy may be updated from time to time. We will notify stakeholders of significant changes through the standard communication channels for this project. | ||
|
|
||
| ## Acknowledgments | ||
|
|
||
| We appreciate your assistance in keeping this project secure and encourage responsible disclosure of security vulnerabilities. | ||
|
|