We actively maintain and update certain versions of the project with security patches. Below is a table indicating the supported versions:
| Version | Supported |
|---|---|
| 5.1.x | β Yes |
| 5.0.x | β No |
| 4.0.x | β Yes |
| < 4.0 | β No |
Note: We follow Semantic Versioning (semver), meaning:
- Major versions (e.g., 5.x, 4.x) include breaking changes.
- Minor/patch versions (e.g., 5.1.x, 4.1.x) include improvements and security fixes.
Please ensure you are using a supported version for the latest updates and security patches. π¨
If you believe you've found a security vulnerability in this project, please follow the responsible disclosure process below. We appreciate your help in keeping the project secure! π
- Email: Send a detailed description of the vulnerability to Armoghan16@gmail.com.
When submitting a report, please provide as much detail as possible to help us understand and address the issue quickly:
- A clear and concise description of the vulnerability.
- Steps to reproduce the issue (if applicable).
- Possible impact or exploitations of the vulnerability.
- Any remediation suggestions or fixes you may have.
We take security vulnerabilities seriously, and we aim to resolve them as quickly as possible. Here's our typical timeline:
- Acknowledgment: We'll acknowledge your report within 3 business days.
- Review: We'll review and confirm the vulnerability, and communicate next steps within 7 business days.
- Fix and Disclosure: If confirmed, a fix will be rolled out in the next release.
- If the vulnerability is confirmed, a fix will be implemented and released in the next version.
- You'll receive credit (if desired) for reporting the issue. Thank you for contributing to the security of the project! π
- If the vulnerability is not accepted, we will explain our reasoning and may request additional clarification if needed.
We are dedicated to maintaining a secure environment for all users of this project. Your help in reporting vulnerabilities ensures that we can continue to improve and protect the community. πͺ
Please do not publicly disclose the vulnerability until the fix is released to allow us to mitigate potential risks. π«
- π Code of Conduct
- π₯ Contribution Guidelines
- π License
Thank you for helping us keep this project safe! π‘οΈ