If you discover a security vulnerability within GitSpotLight, we appreciate your help in disclosing it to us responsibly. Please follow these guidelines to report any security-related issues.
-
DO NOT publicly disclose the vulnerability until it has been addressed by the project maintainers.
-
Submit a detailed report to our security team via email at [email protected]. Please include the following information:
- A clear description of the vulnerability and the potential impact.
- Steps to reproduce the vulnerability, including any relevant code snippets or examples.
- Any other information that can help us understand and address the issue.
-
We will review your report and respond as quickly as possible. Please allow a reasonable amount of time for us to investigate and address the vulnerability.
GitSpotLight is an open-source project that receives regular updates and improvements. As such, we prioritize addressing security vulnerabilities in the latest release. We encourage all users to keep their installations up to date with the latest version.
If you are using an older version of GitSpotLight and encounter a security issue, please consider upgrading to the latest version and checking if the issue persists. If it does, please report it following the steps mentioned above.
GitSpotLight takes security seriously and strives to follow best practices to protect the project and its users. This includes:
- Regularly updating dependencies to include security patches.
- Performing security audits and code reviews.
- Maintaining secure coding practices and following industry-standard security guidelines.
We appreciate the responsible disclosure of security vulnerabilities and would like to extend our gratitude to the individuals and researchers who help us improve the security of GitSpotLight.