Skip to content

Latest commit

 

History

History
36 lines (21 loc) · 1.88 KB

SECURITY.md

File metadata and controls

36 lines (21 loc) · 1.88 KB

Security Policy

Reporting a Vulnerability

If you believe you have found a security vulnerability in this package, please follow these guidelines to report it:

  1. Send an email to [email protected] with the subject line "Security Vulnerability in igist".
  2. Include a detailed description of the vulnerability, including steps to reproduce (if applicable).
  3. Provide any additional information that might aid in reproducing or understanding the issue.

Scope

This security policy applies to the igist package maintained by Karim Aziiev.

Response Timeline

We will make our best effort to respond to and address security vulnerabilities as quickly as possible. However, please note that the response time may vary depending on the complexity and severity of the reported issue.

Disclosure Guidelines

Once a security vulnerability has been identified and confirmed, we will follow these guidelines for disclosure:

  • We will work with the reporter to reproduce and understand the vulnerability.
  • We will investigate and develop a fix for the vulnerability.
  • We will coordinate the release of a patched version of the package.
  • We will notify the reporter of the vulnerability disclosure timeline, ensuring reasonable time for the reporter to update their systems or projects.

Please note that we will prioritize the security of our users, and may publicly disclose the issue and its resolution after an appropriate timeline has passed or if the vulnerability has been actively exploited.

Vulnerability Management

We are committed to continuously monitoring and improving the security of our package. If you have any suggestions or feedback regarding security-related matters, please contact us at [email protected].

We appreciate your help in keeping our package and its users secure.

This security policy is adapted from the Open Source Security Policy template by OpenSSF.