The table below indicates the versions of our project that are currently supported with security updates. We commit to delivering security updates and addressing vulnerabilities for supported versions to ensure the safety and integrity of our users’ experience.
| Version | Supported |
|---|---|
| 0.1.x^ | ✅ |
| 0.0.x | ❌ |
If you have identified a potential security issue within our project, we encourage you to report it as promptly as possible. Please submit all reports concerning vulnerabilities through the following method:
- Email: [email protected]
Upon receipt of your report, we commit to the following response process:
- Initial Assessment: We will investigate the reported vulnerability and assess its impact within approximately one week. This timeframe allows us to adequately analyze the potential impact and develop appropriate mitigation strategies.
- Communication: You can expect to receive an update on the status of your report at regular intervals. We will inform you of the progress made in addressing the issue.
- Resolution: Should your report lead to a change or an update, acknowledgements will typically be given in our project release notes, unless requested otherwise.
As of now, our project does not offer financial compensation for bug bounty programs due to the absence of funding. However, this policy may be subject to future revisions as the project's funding situation evolves. We value the critical role that security researchers play in our community and aim to establish a more formalized bug bounty program in the future.
We appreciate your support and cooperation in keeping our project secure. Your efforts to responsibly disclose security issues are highly valued and play a vital role in maintaining the trust and safety of our software.