The following versions of the Repo-Booster Documentation Site are actively maintained and monitored for security issues:
| Version | Supported | Notes |
|---|---|---|
| 1.x | ✅ Actively supported | Latest stable release |
| 0.x | ❌ No longer supported | Please upgrade to 1.x |
If you identify a security issue related to the documentation website (e.g., broken links exposing private resources, content injection, misconfigurations), please follow the responsible disclosure guidelines below:
-
Report via Email
Contact the documentation maintainers by sending an email to [email protected] with the following details:- Description of the vulnerability.
- Steps to reproduce the issue (if applicable).
- Suggested fixes or insights (if available).
-
Use Private Communication
Do not open a public issue on GitHub for security-related matters. -
Response Time
- We will acknowledge your report within 48 hours.
- The team will investigate and resolve the issue within 5-7 business days.
The scope of this security policy covers the following areas:
-
Static Content Security
- No user input is processed. Vulnerabilities include incorrect links, private resource exposure, or injected content.
-
Infrastructure
- Issues related to deployment or hosting configurations, including leaks of sensitive environment variables or GitHub Actions workflows.
-
Third-Party Tools and Plugins
- Vulnerabilities in third-party libraries, themes, or plugins used to render the documentation site.
The following are outside the scope of this policy:
- Typos, grammar errors, or non-security-related issues in the documentation content.
- Feature requests or suggestions for improving the documentation.
- Security concerns unrelated to the documentation site's codebase or infrastructure.
Please open an issue on the Repo-Booster Documentation Repository for general feedback or corrections.
We appreciate responsible disclosure and will publicly acknowledge your contributions (unless you prefer to remain anonymous) in the following ways:
- Adding your name to the security acknowledgments section of the documentation site.
- Crediting your efforts in the relevant release notes.
- Security Team: [email protected]
- Maintainers: Repo-Booster Docs Team
Your vigilance and contributions help keep the Repo-Booster Documentation Site safe, secure, and reliable for all users. We value the efforts of researchers, developers, and security enthusiasts who help identify and report vulnerabilities.