-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
43 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| # Security Policy | ||
|
|
||
| ## Supported Versions | ||
|
|
||
| This repository is committed to providing security updates for the following versions: | ||
|
|
||
| | Version | Supported | | ||
| | ------- | ------------------ | | ||
| | .Models > 2.0 | :white_check_mark: | | ||
| | .Parser > 2.0 | :white_check_mark: | | ||
| | .Verificator > 2.0 | :white_check_mark: | | ||
|
|
||
| Ensure that you are using one of the supported versions to receive timely security updates. Deprecated versions may not receive prompt attention for security issues. | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| We take security seriously and encourage the responsible disclosure of vulnerabilities. If you discover a security issue, please follow these guidelines: | ||
|
|
||
| ### 1. Reporting Process: | ||
| - Direct all security-related communication to info@shoshins.com. | ||
| - Provide a detailed description of the vulnerability, including steps to reproduce if possible. | ||
| - Include any relevant logs, screenshots, or other supporting information. | ||
|
|
||
| ### 2. Response Time: | ||
| - You can expect an initial response within 72 hours of your report. | ||
| - We will keep you informed about the progress of the resolution. | ||
|
|
||
| ### 3. Vulnerability Assessment: | ||
| - Our team will assess the reported vulnerability and determine its validity. | ||
|
|
||
| ### 4. Resolution: | ||
| - If the vulnerability is accepted, we will work to address and patch it promptly. | ||
| - If the vulnerability is declined, we will provide a detailed explanation of our decision. | ||
|
|
||
| ### 5. Security Updates: | ||
| - Security patches will be released as soon as they are available and verified. | ||
|
|
||
| ### 6. Coordinated Disclosure: | ||
| - We appreciate responsible disclosure and may request that you do not publicly disclose the vulnerability until a fix is in place. | ||
|
|
||
| Your cooperation in responsible disclosure helps us maintain the security of the project. Thank you for contributing to the safety and integrity of the Apple Receipt project. | ||
|
|
||
|
|