mirror of
https://github.com/kjanat/articulate-parser.git
synced 2026-01-16 13:02:08 +01:00
45 lines
1.7 KiB
Markdown
45 lines
1.7 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
Currently, the following versions of Articulate Rise Parser are supported with security updates:
|
|
|
|
| Version | Supported |
|
|
| ------- | ------------------ |
|
|
| 1.0.x | :white_check_mark: |
|
|
| < 1.0 | :x: |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
We take the security of Articulate Rise Parser seriously. If you believe you have found a security vulnerability, please follow these steps:
|
|
|
|
1. **Do not disclose the vulnerability publicly** - Please do not create a public GitHub issue for security vulnerabilities.
|
|
2. **Email the details to [security+articulate-parser@kjanat.com]** - Include as much information as possible about the vulnerability.
|
|
3. **Wait for a response** - We will acknowledge your email within 48 hours and provide an estimated timeline for a fix.
|
|
4. **Work with us** - We may ask for additional information to help us understand and address the issue.
|
|
|
|
## What to Include in a Report
|
|
|
|
When reporting a vulnerability, please include:
|
|
|
|
- A clear description of the issue
|
|
- Steps to reproduce the vulnerability
|
|
- The potential impact of the vulnerability
|
|
- Any possible mitigations you've identified
|
|
|
|
## What to Expect
|
|
|
|
- We will acknowledge receipt of your vulnerability report within 48 hours.
|
|
- We will provide regular updates about our progress.
|
|
- We will notify you when the vulnerability is fixed.
|
|
- With your permission, we will include your name in the acknowledgments.
|
|
|
|
## Security Measures
|
|
|
|
This project follows these security practices:
|
|
|
|
- Regular dependency updates via Dependabot
|
|
- CodeQL security scanning
|
|
- Automated testing for each pull request
|
|
- Code review requirements for all changes
|