The following table lists the versions of the project that are currently supported with security updates:
| Version | Supported |
|---|---|
| 3.x | ✅ |
| < 2.2 | ❌ |
If you discover a vulnerability in this project, please follow the steps below to report it:
-
Contact Information:
- Join the Discord Server: Ensure you are a member of the project's Discord server.
- Locate the Appropriate Channel or Contact: Find the security-related channel or a direct contact (usually an admin or a security team member).
- Send the Message: Copy and paste the prepared message into the appropriate channel or as a direct message to the responsible person.
-
What to Include:
- A detailed description of the vulnerability.
- Steps to reproduce the vulnerability.
- Any relevant logs, screenshots, or other supporting evidence.
-
Response Time:
- You will receive an initial acknowledgment of your report within 48 hours.
- Regular updates will be provided at least every 7 days until the issue is resolved.
-
Process:
- Your report will be reviewed and verified by our security team.
- If the vulnerability is confirmed, we will work on a fix and release a patch as soon as possible.
- If the vulnerability is not accepted, you will receive an explanation of why it was declined.
-
Confidentiality:
- We kindly ask you to keep the details of any vulnerabilities confidential until they are resolved.
- We appreciate your efforts to improve the security of our project and are committed to working with you to ensure any vulnerabilities are addressed promptly.
-
Credit:
- Once the vulnerability is fixed, we will publicly acknowledge your contribution, if you would like to be credited.
Thank you for helping us keep our project secure!