Skip to content

Latest commit

 

History

History
30 lines (20 loc) · 1.32 KB

SECURITY.md

File metadata and controls

30 lines (20 loc) · 1.32 KB

Security Policy

Supported Versions

Only the latest version of Lyra is supported with security updates.

Reporting a Vulnerability

Use this section to guide users on how to report vulnerabilities in the project.

Reporting Process

  1. If you discover a security vulnerability, please do not create an issue. Instead, send an email to [email protected].
  2. Include a detailed description of the vulnerability and steps to reproduce it.
  3. Our security team will acknowledge your email within 48 hours, and we will strive to keep you informed about the progress and resolution of the issue.
  4. Once the vulnerability is verified and fixed, a security advisory will be released.

Expectations

We aim to provide regular updates on the status of reported vulnerabilities. Vulnerabilities will be addressed promptly, and fixes will be released as soon as possible. If the reported vulnerability is accepted, we will credit the reporter in the security advisory.

Scope

Please note that this security policy applies to the following technologies and versions used in our monorepo project:

Backend: Kotlin with Spring Boot Frontend: TypeScript with Astro Issues related to other technologies or versions outside the specified scope may not be eligible for consideration.

Thank you for helping us keep our project secure!