Skip to content

Latest commit

 

History

History
19 lines (11 loc) · 1.07 KB

SECURITY.md

File metadata and controls

19 lines (11 loc) · 1.07 KB

Security Policy of Diplomatiq

Reporting a vulnerability

At Diplomatiq, security is always in primary focus. We would like to thank you for your security contributions.

  1. Please email us the found vulnerability — with detailed description — to the [email protected] address.
  2. Your email will be acknowledged within 48 hours by the Security Team.
  3. You will receive a detailed response about the next steps of handling the vulnerability within total 96 hours. The Security Team will do their best to keep you informed about the progress towards fixing and publicly announcing the vulnerability, and may ask for additional input.

Security issues found in a third-party module should be reported directly to the maintainers of the affected third-party module.

Disclosure policy

After fixing the vulnerability, Diplomatiq will disclose the security vulnerability in the release notes of the affected module's subsequent release, in the Security Bulletin section.

Feedback is always welcome

Please report suggestions on improving this policy by opening a pull request.