We take security seriously and aim to ensure that commitfy is safe and secure for all users. Below is a list of versions of commitfy that are currently supported with security updates:
| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| < 0.1.x | ❌ |
If you discover a security vulnerability within commitfy, we encourage you to report it as soon as possible. Please follow the steps below to report the issue:
- Do not open a public issue on the repository or discuss the vulnerability in public forums.
- Contact us directly at [email protected] with the details of the vulnerability.
- Provide as much information as possible to help us understand and replicate the issue. This may include:
- A description of the vulnerability and its potential impact.
- Steps to reproduce the vulnerability.
- Any proof of concept code.
- Your recommendations for mitigation or remediation.
We will acknowledge receipt of your report within 48 hours and work to resolve the issue promptly. We will keep you informed of the progress and may reach out to you for further information or clarification if needed.
To ensure the safety of our users, we follow a responsible disclosure process. This means that we will not disclose the details of a security vulnerability until we have had the opportunity to investigate, develop, and release a fix. We appreciate your cooperation in helping us maintain the security and integrity of commitfy.
We will release security updates as necessary to address vulnerabilities. If a fix requires a new version of commitfy, we will communicate this through our regular release channels, including the project's GitHub releases page.