1
0
Fork 0
mirror of https://github.com/xHyroM/lighteco.git synced 2024-11-21 14:31:09 +01:00

docs: add SECURITY.md

This commit is contained in:
Jozef Steinhübl 2023-10-12 18:12:31 +02:00 committed by GitHub
parent ca5086621b
commit 9454f2db90
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

36
SECURITY.md Normal file
View file

@ -0,0 +1,36 @@
# Security Policy
## Supported Versions
LightEco is currently in alpha version, which means it's still not done. As such, it may contain bugs or other issues. We are working hard to improve the plugin and fix any problems that are found, but we encourage users to report any issues they encounter to us so that we can address them as quickly as possible.
| Version | Supported |
| ------- | ------------------ |
| 0.x.x | :white_check_mark: |
## Reporting a Vulnerability
If you find a security vulnerability, please report it to us as soon as possible. We take security very seriously and we appreciate your help in keeping our plugin safe.
**How to report a vulnerability**
You can report a vulnerability to us by:
* **Discord:** Contact me on Discord at [`xhyrom`](https://s.xhyrom.dev/discord-user).
* **Email:** Send an email to `github@xhyrom.dev`.
**What to expect when reporting a vulnerability**
We will investigate your report as soon as possible. We will typically provide you with an update within 24 hours.
If the vulnerability is accepted, we will work to fix it as quickly as possible. We will notify you when the fix is released.
If the vulnerability is declined, we will provide you with a reason for the decision.
**What to include in your report**
When reporting a vulnerability, please include the following information:
* **A detailed description of the vulnerability.** This should include how the vulnerability can be exploited and what impact it could have.
* **Steps to reproduce the vulnerability.** This will help us to quickly investigate the issue.
* **Any additional information that you think may be helpful.** This could include screenshots, code samples, or other relevant data.