-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
96aa698
commit e579afb
Showing
1 changed file
with
35 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| # Security Policy | ||
|
|
||
| ## Reporting Security Issues | ||
|
|
||
| We take security seriously. We appreciate your efforts to disclose your findings responsibly and will make every effort to acknowledge your contributions. | ||
|
|
||
| To report a security vulnerability, please email us at [[email protected]]([email protected]). Please do not create public GitHub issues for security vulnerabilities. | ||
|
|
||
| We will acknowledge receipt of your vulnerability report within 24 hours and will strive to provide regular updates about our progress in addressing the vulnerability. | ||
|
|
||
| Please provide the following information when reporting a security vulnerability: | ||
| - Description of the vulnerability | ||
| - Steps to reproduce the vulnerability | ||
| - Versions affected | ||
| - Any additional information that might be useful | ||
|
|
||
| ## Response Time | ||
|
|
||
| We will acknowledge receipt of your vulnerability report within 24 hours, excluding weekends and holidays. Our team will then work diligently to assess and address the vulnerability promptly. | ||
|
|
||
| We prioritize the handling of security vulnerabilities and strive to provide updates and fixes promptly. | ||
|
|
||
| ## Confidentiality | ||
|
|
||
| We request that you only disclose the details of the vulnerability or related correspondence once we have had an opportunity to address the issue. Once the vulnerability has been resolved, we will coordinate with you on an appropriate timeline for public disclosure. | ||
|
|
||
| ## Scope | ||
|
|
||
| This security policy applies to vulnerabilities in this project. If you discover a vulnerability in a dependency, please report it directly to the maintainer of that project. | ||
|
|
||
| ## Bug Bounty | ||
|
|
||
| We do not currently offer a bug bounty program, but we sincerely appreciate and acknowledge the contributions of security researchers who responsibly disclose vulnerabilities to us. | ||
|
|
||
| Thank you for helping to keep this project secure! |