If you believe you have found a security vulnerability in our project, we appreciate your help in disclosing it to us in a responsible manner. Please follow these guidelines:
-
Do Not Disclose Publicly: Please do not disclose the issue publicly until we have had a chance to address it.
-
Submit a Report: Send us a detailed report with information about the vulnerability, including:
- A brief description of the vulnerability.
- Steps to reproduce the vulnerability.
- Any related information, such as affected versions.
-
Contact Us Privately: Report the issue privately to our email at [email protected].
Once we receive your report, we will do the following:
-
Acknowledge Receipt: We will acknowledge the receipt of your report within [timeframe, e.g., 48 hours].
-
Assessment: Our team will investigate and assess the reported vulnerability.
-
Release a Fix: If a vulnerability is confirmed, we will work on a fix and release it as soon as possible.
-
Public Disclosure: Once the fix is released, we will coordinate with you to determine the appropriate time for public disclosure.
Only the latest stable release of the project is actively supported with security updates. If you are using an older version, we recommend upgrading to the latest release.
We will do our best to address security issues promptly. To stay informed about security updates, please watch our repository for releases and enable security alerts for this repository.
This Security Policy applies to vulnerabilities discovered in the project's codebase and does not cover issues in dependencies. However, we encourage you to report such issues, and we will work with relevant maintainers to address them.
We believe in responsible disclosure and appreciate your cooperation in making our project more secure. We are committed to acknowledging and addressing security issues promptly.
Thank you for helping us keep our project safe and secure!
4urcloud