Security: sageteamorg/django-sage-invoice

SECURITY.md

Security Policy

Reporting a Vulnerability

We take security issues seriously. If you discover a security vulnerability, please do the following:

  1. Do not open a public issue. This could allow the vulnerability to be exploited before it is fixed.

  2. Email us directly at [email protected]. Include the following information in your email:

    • A detailed description of the vulnerability.
    • Steps to reproduce the vulnerability (proof-of-concept code is preferred).
    • Potential impact of the vulnerability.
    • Any possible mitigations you have identified.

  3. Give us a reasonable amount of time to respond. We aim to acknowledge your email within 48 hours and will send regular updates on our progress.

  4. Coordinate disclosure. Once the vulnerability is fixed, we will coordinate with you on the disclosure process. We would appreciate it if you give us a chance to release a patch and announce the vulnerability before you publish any details.

Security Measures

To ensure the security of our project, we follow these practices:

  • Regularly update dependencies to mitigate known vulnerabilities.
  • Use static analysis tools to detect potential security issues.
  • Conduct regular code reviews with a focus on security.
  • Maintain a secure environment for our infrastructure.

Security Resources

Here are some resources for understanding security vulnerabilities and best practices:

Contact Us

If you have any questions or need further information, please contact us at [email protected].


Thank you for helping us keep our project secure.

There aren’t any published security advisories