Commit
Showing 3 changed files with 62 additions and 2 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -59,7 +59,7 @@ representative at an online or offline event. | |
## Enforcement | ||
|
||
Instances of abusive, harassing, or otherwise unacceptable behavior may be | ||
reported to the community leaders responsible for enforcement at [email protected]. | ||
reported to the community leaders responsible for enforcement at [[email protected]](mailto:[email protected]). | ||
All complaints will be reviewed and investigated promptly and fairly. | ||
|
||
All community leaders are obligated to respect the privacy and security of the | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
# Security Policy | ||
|
||
We take the security of our project seriously. If you discover a security vulnerability, we encourage you to report it responsibly to ensure the issue is addressed quickly and effectively. | ||
|
||
|
||
## Reporting a Vulnerability | ||
|
||
If you find a security vulnerability in this project, please follow the steps below: | ||
|
||
1. **Do not disclose the vulnerability publicly.** Contact us privately via email to give us the opportunity to resolve the issue before it is made public. | ||
|
||
2. Send an email to [[email protected]](mailto:[email protected]) with: | ||
- A detailed description of the vulnerability | ||
- Steps to reproduce the vulnerability, if possible | ||
- Any additional relevant information (logs, screenshots, etc.) | ||
|
||
3. We aim to acknowledge your report within 48 hours and will keep you informed of the progress on the fix. | ||
|
||
|
||
## Fixing Policy | ||
|
||
We aim to resolve security issues in a timely and transparent manner: | ||
|
||
- **Fix timeline:** Once a vulnerability is identified, we will strive to issue a fix within 7 to 14 days. | ||
- **User notifications:** After a fix is released, we will notify users through release notes and/or a public announcement on our [GitHub page](https://github.com/strangebuzz/microsymfony). | ||
|
||
|
||
## Supported Versions | ||
|
||
We only maintain the main branch. | ||
|
||
If you are using an unsupported version, we encourage you to upgrade to the latest | ||
version to ensure the security of your project. | ||
|
||
To do so you can cherry-pick the patch that was applied to the main branch to fix | ||
the security issue. | ||
All security related patches are prefixed by `security:`. | ||
|
||
Thank you for helping us keep your open-source project secure! |
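Review bot: In the Supported Versions section, "To do so you can cherry-pick the patch" follows the sentence encouraging an upgrade to the latest version, but cherry-picking a single fix is the alternative to upgrading, not a way of doing it; reword it as a second option, for example "If you cannot upgrade, you can cherry-pick the patch that was applied to the main branch". Since only main is maintained, the checklist in step 2 of Reporting a Vulnerability should also ask for the commit or version the reporter tested against. Under Fix timeline, the "within 7 to 14 days" target starts "once a vulnerability is identified", which leaves open whether the clock runs from receipt of the report or from confirmation; say which. The policy names email as the only channel and does not say when a reporter may disclose publicly, so consider stating a disclosure window next to step 1. The closing line reads "your open-source project" where the introduction says "our project"; pick one.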