Skip to content

Security: myrotvorets/envalidators

Security

SECURITY.md

Security Policy

Reporting Security Issues

We take security seriously. We appreciate your efforts to disclose your findings responsibly and will make every effort to acknowledge your contributions.

To report a security vulnerability, please email us at [email protected]. Please do not create public GitHub issues for security vulnerabilities.

We will acknowledge receipt of your vulnerability report within 24 hours and will strive to provide regular updates about our progress in addressing the vulnerability.

Please provide the following information when reporting a security vulnerability:

  • Description of the vulnerability
  • Steps to reproduce the vulnerability
  • Versions affected
  • Any additional information that might be useful

Response Time

We will acknowledge receipt of your vulnerability report within 24 hours, excluding weekends and holidays. Our team will then work diligently to assess and address the vulnerability promptly.

We prioritize the handling of security vulnerabilities and strive to provide updates and fixes promptly.

Confidentiality

We request that you only disclose the details of the vulnerability or related correspondence once we have had an opportunity to address the issue. Once the vulnerability has been resolved, we will coordinate with you on an appropriate timeline for public disclosure.

Scope

This security policy applies to vulnerabilities in this project. If you discover a vulnerability in a dependency, please report it directly to the maintainer of that project.

Bug Bounty

We do not currently offer a bug bounty program, but we sincerely appreciate and acknowledge the contributions of security researchers who responsibly disclose vulnerabilities to us.

Thank you for helping to keep this project secure!

There aren’t any published security advisories