-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
7779f5d
commit b7050b4
Showing
1 changed file
with
27 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,7 @@ | |
|
|
||
| ## Supported Versions | ||
|
|
||
| Use this section to tell people about which versions of your project are | ||
| currently being supported with security updates. | ||
| Please refer to this section to understand which versions of the project are currently supported with security updates. | ||
|
|
||
| | Version | Supported | | ||
| | ------- | ------------------ | | ||
|
|
@@ -14,8 +13,30 @@ currently being supported with security updates. | |
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| Use this section to tell people how to report a vulnerability. | ||
| If you discover a security vulnerability within this project, please follow these steps to report it: | ||
|
|
||
| Tell them where to go, how often they can expect to get an update on a | ||
| reported vulnerability, what to expect if the vulnerability is accepted or | ||
| declined, etc. | ||
| 1. **Ensure the Vulnerability is Reproducible:** | ||
| - Clearly outline the steps to reproduce the vulnerability. | ||
|
|
||
| 2. **Privately Notify the Project Team:** | ||
| - Send an email to [[email protected]](mailto:[email protected]) with a detailed description of the vulnerability. | ||
|
|
||
| 3. **Responsiveness:** | ||
| - You can expect an initial response within 48 hours acknowledging that your report has been received. | ||
|
|
||
| 4. **Scope and Impact Assessment:** | ||
| - The project team will work with you to assess the scope and impact of the vulnerability. | ||
|
|
||
| 5. **Fix and Disclosure:** | ||
| - If accepted, the team will work on a fix. A security patch will be released as soon as possible. | ||
| - Once the fix is ready, the team will notify you and provide credit for reporting the vulnerability. | ||
|
|
||
| ## Security Updates | ||
|
|
||
| Security updates for supported versions will be released regularly. It is recommended to update to the latest supported version to ensure the highest level of security. | ||
|
|
||
| ## End of Support | ||
|
|
||
| When a version reaches the end of its support period, it will no longer receive security updates. It is strongly advised to upgrade to a supported version promptly. | ||
|
|
||
| Thank you for helping to improve the security of this project! | ||