generated from wayofdev/laravel-package-tpl
-
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #705 from wayofdev/feat/infra-dx
ci: disable auto-merge of release PRs
- Loading branch information
Showing
11 changed files
with
1,975 additions
and
124 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
# Security Policy | ||
|
||
Thank you for helping keep `wayofdev/laravel-cycle-orm-adapter` and its users safe. We greatly appreciate your efforts to disclose security vulnerabilities responsibly. | ||
|
||
<br> | ||
|
||
## 🙋♂️ Supported Versions | ||
|
||
Only certain versions of `wayofdev/laravel-cycle-orm-adapter` are currently being maintained with security updates. Please use or upgrade to one of these supported versions: | ||
|
||
| Version | Supported | | ||
|---------|--------------------| | ||
| 4.x | :white_check_mark: | | ||
|
||
Please ensure that you are using one of these supported versions before reporting a security issue. | ||
|
||
<br> | ||
|
||
## 🚨 Reporting a Vulnerability | ||
|
||
We take all security bugs in `wayofdev/laravel-cycle-orm-adapter` seriously. Please follow the instructions below to report security vulnerabilities. | ||
|
||
### → How to Report a Vulnerability | ||
|
||
1. **GitHub Security Advisories**: Please report security issues directly through our GitHub Security Advisories page: [https://github.com/wayofdev/laravel-cycle-orm-adapter/security/advisories/new](https://github.com/wayofdev/laravel-cycle-orm-adapter/security/advisories/new). This ensures that sensitive information is handled confidentially. | ||
|
||
2. **Empty Security Issue**: After submitting through GitHub Security Advisories, please also create an empty security issue to alert us, as GitHub Advisories do not send automatic notifications. This can be done [here](https://github.com/wayofdev/laravel-cycle-orm-adapter/issues/new?assignees=&labels=type%3A+bug%2Cpriority%3A+high%2Ctype%3A+security&projects=&template=5-security-report.yml&title=%5BSecurity%5D%3A+). | ||
|
||
3. **Direct Contact**: For highly sensitive information, in addition to the GitHub Security Advisories, please email us directly at `[email protected]` with the subject line "SECURITY - Vulnerability Report". This will be treated with the highest priority. | ||
|
||
Please do not discuss potential security issues in public forums or through our public GitHub issues tracker. | ||
|
||
## ❌ Third-Party Bug Bounty Platforms | ||
|
||
At this moment, we DO NOT accept reports from third-party bug bounty platforms to minimize risk. All vulnerability reports should come through the specified channels above. | ||
|
||
<br> |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.