From fe5886ca8d9e4d7b63ed121d7188c4c0810b184c Mon Sep 17 00:00:00 2001 From: Jody McIntyre Date: Thu, 4 Aug 2016 19:52:46 -0400 Subject: [PATCH] minor readability updates --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 10d935a1edd..c7a177b2b10 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -23,9 +23,9 @@ In some cases, we offer monetary compensation (bounties) for reports of security ## Release Process -plotly.js security fixes are normally released as "patch" releases on top of the current plotly.js version. For example if the current plotly.js version is 1.14.0 and we fix a security issue, we will release 1.14.1 with the fix. Security fixes may also be made as part of a major or minor plotly.js release, if the fix coincides with our normal release cycle. For example if the current plotly.js version is 1.14.0, we may release version 1.15.0 with the fix. +plotly.js security fixes are normally released as "patch" releases on top of the current plotly.js version. For example if the current plotly.js version is 1.14.0 and we fix a security issue, we will release 1.14.1 with the fix. Alternatively, security fixes may be made as part of a major or minor plotly.js release, if the fix coincides with our normal release cycle. For example if the current plotly.js version is 1.14.0, we may release version 1.15.0 with the fix instead of 1.14.1. -Security fixes are also backported to older versions of plotly.js as required by paying Plotly On-Premise or Plotly Cloud customers. These fixes are released as "patch" releases, and are made available to the community once affected customers have upgraded. We also accept backports to older versions contributed by community members. +Security fixes are backported to older versions of plotly.js as required by paying Plotly On-Premise or Plotly Cloud customers. These fixes are released as "patch" releases, and are made available to the community once affected customers have upgraded. We also accept backports to older versions contributed by community members. Since the typical plotly.js use case involves trusted data, we do not remove old, potentially vulnerable versions from our GitHub repo or from our CDN.