From 9454f2db9026ec99d3545b4a812f599ea41cc6b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jozef=20Steinh=C3=BCbl?= Date: Thu, 12 Oct 2023 18:12:31 +0200 Subject: [PATCH] docs: add SECURITY.md --- SECURITY.md | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..885d902 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,36 @@ +# Security Policy + +## Supported Versions + +LightEco is currently in alpha version, which means it's still not done. As such, it may contain bugs or other issues. We are working hard to improve the plugin and fix any problems that are found, but we encourage users to report any issues they encounter to us so that we can address them as quickly as possible. + +| Version | Supported | +| ------- | ------------------ | +| 0.x.x | :white_check_mark: | + +## Reporting a Vulnerability + +If you find a security vulnerability, please report it to us as soon as possible. We take security very seriously and we appreciate your help in keeping our plugin safe. + +**How to report a vulnerability** + +You can report a vulnerability to us by: + +* **Discord:** Contact me on Discord at [`xhyrom`](https://s.xhyrom.dev/discord-user). +* **Email:** Send an email to `github@xhyrom.dev`. + +**What to expect when reporting a vulnerability** + +We will investigate your report as soon as possible. We will typically provide you with an update within 24 hours. + +If the vulnerability is accepted, we will work to fix it as quickly as possible. We will notify you when the fix is released. + +If the vulnerability is declined, we will provide you with a reason for the decision. + +**What to include in your report** + +When reporting a vulnerability, please include the following information: + +* **A detailed description of the vulnerability.** This should include how the vulnerability can be exploited and what impact it could have. +* **Steps to reproduce the vulnerability.** This will help us to quickly investigate the issue. +* **Any additional information that you think may be helpful.** This could include screenshots, code samples, or other relevant data.