We actively maintain and support the following versions of the project:
| Version | Supported | End of Support |
|---|---|---|
2.x.x |
✅ | - |
1.x.x |
❌ | 01.12.2024 |
< 1.0.0 |
❌ | 15.09.2024 |
Please make sure to update to the latest version to ensure you're using the most secure version of our software.
If you find a vulnerability in our project, please report a security issue, please use the GitHub Security Advisory "Report a Vulnerability" tab.
Include as much information as possible about the vulnerability:
- A detailed description of the vulnerability.
- Steps to reproduce the issue.
- Potential impact of the vulnerability (e.g., data leak, privilege escalation).
- Any potential fixes or mitigation steps you've found.
We aim to respond to security reports within 48 hours and provide a timeline for addressing the issue within a week.
Once the issue is resolved, we will provide an acknowledgment in the release notes (unless you prefer to remain anonymous).
To help ensure the security of your usage of this project, we recommend the following:
- Always use the latest version of the software.
- Avoid using the
latesttag when pulling images. Instead, specify exact versions. - Regularly audit dependencies for security vulnerabilities.
- Follow the principle of least privilege when configuring access.
We follow a responsible disclosure policy to ensure that security vulnerabilities are handled appropriately. We ask that you:
- Privately notify us of the issue before making any public disclosure.
- Allow a reasonable amount of time for us to address the vulnerability before you disclose it publicly.
We appreciate your contributions to making our project more secure. Thank you for working with us to protect the community.