diff --git a/SECURITY.md b/SECURITY.md index dc3abb25..06fe4ce3 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,28 +1,37 @@ # Security Policy -Your security is of utmost importance to us. This document outlines our commitment to ensuring that our software remains secure, how we handle vulnerabilities, and what you can do if you find one. +Your security is of utmost importance to us. This document outlines our commitment to ensuring that our software remains +secure, how we handle vulnerabilities, and what you can do if you find one. ## Supported Versions -Security updates will be applied to certain versions of our software. Please refer to the table below to understand which versions are currently supported for security patches. +Security updates will be applied to certain versions of our software. Please refer to the table below to understand +which versions are currently supported for security patches. | Version | Supported | Notes | |---------|--------------------|----------------------------------------| -| 1.6.x | :white_check_mark: | Current version, fully supported. | -| 1.5.x | :x: | Not supported, please upgrade to 1.6.x | -| 1.4.x | :x: | Not supported, please upgrade to 1.6.x | -| 1.3.x | :x: | Not supported, please upgrade to 1.6.x | -| 1.2.x | :x: | Not supported, please upgrade to 1.6.x | -| 1.1.x | :x: | Not supported, please upgrade to 1.6.x | -| 1.0.x | :x: | Not supported, please upgrade to 1.6.x | +| 2.0.x | :white_check_mark: | Current version, fully supported. | +| 1.6.x | :x: | Not supported, please upgrade to 2.0.x | +| 1.5.x | :x: | Not supported, please upgrade to 2.0.x | +| 1.4.x | :x: | Not supported, please upgrade to 2.0.x | +| 1.3.x | :x: | Not supported, please upgrade to 2.0.x | +| 1.2.x | :x: | Not supported, please upgrade to 2.0.x | +| 1.1.x | :x: | Not supported, please upgrade to 2.0.x | +| 1.0.x | :x: | Not supported, please upgrade to 2.0.x | ## Reporting a Vulnerability -We appreciate the effort of security researchers and the general public in helping us maintain the security of our software. Here’s how you can report a vulnerability: +We appreciate the effort of security researchers and the general public in helping us maintain the security of our +software. Here’s how you can report a vulnerability: -1. **Creating an Issue**: Visit our GitHub repository and [create an issue](https://github.com/bumble-tech/bumble-doc-gen/issues) detailing the vulnerability. Please label the issue as "security" for quicker identification. -2. **Details Matter**: When reporting, please provide as much detail as possible. This includes steps to reproduce, potential impact, and any other information that might help us understand the severity and nature of the vulnerability. -3. **Stay Responsible**: Avoid disclosing public details about the vulnerability until we've had a chance to address it. This ensures that our users remain protected. +1. **Creating an Issue**: Visit our GitHub repository + and [create an issue](https://github.com/bumble-tech/bumble-doc-gen/issues) detailing the vulnerability. Please label + the issue as "security" for quicker identification. +2. **Details Matter**: When reporting, please provide as much detail as possible. This includes steps to reproduce, + potential impact, and any other information that might help us understand the severity and nature of the + vulnerability. +3. **Stay Responsible**: Avoid disclosing public details about the vulnerability until we've had a chance to address it. + This ensures that our users remain protected. ## Our Commitment @@ -31,7 +40,8 @@ Upon receiving a security vulnerability report: 1. We will confirm the receipt of the report and begin an initial assessment. 2. We will work to verify the vulnerability and ascertain its potential impact. 3. If required, we will release patches for the affected versions. -4. We will recognize your efforts in our changelog and other public communications, unless you prefer to remain anonymous. +4. We will recognize your efforts in our changelog and other public communications, unless you prefer to remain + anonymous. ## Further Recommendations @@ -43,4 +53,5 @@ We recommend all users to: --- -Your security is a collaborative effort, and we are grateful for your trust and participation in keeping our library safe and reliable. +Your security is a collaborative effort, and we are grateful for your trust and participation in keeping our library +safe and reliable.