Use this section to tell people about which versions of your project are currently being supported with security updates.
Version | Supported |
---|---|
5.1.x | ✅ |
5.0.x | ❌ |
4.0.x | ✅ |
< 4.0 | ❌ |
Use this section to tell people how to report a vulnerability.
Tell them where to go, how often they can expect to get an update on a reported vulnerability, what to expect if the vulnerability is accepted or declined, etc.
Use this section to instruct people on how to report a vulnerability.
If you discover a security vulnerability in the "python-projects" repository owned by "mrayanasim", please report it to us by creating a new issue here and including detailed information about the vulnerability. We appreciate your responsible disclosure and will address the issue as quickly as possible.
When reporting a vulnerability, please include the following information:
- Description: A clear and concise description of the vulnerability.
- Steps to Reproduce: Provide the steps necessary to reproduce the vulnerability.
- Expected Behavior: Describe what you expected to happen when following the steps.
- Actual Behavior: Explain what actually happened when following the steps.
- Affected Versions: Specify which versions of the project are affected by the vulnerability.
- Impact: Assess the potential impact of the vulnerability.
We are committed to maintaining open communication with the security community and will acknowledge your report within [X business days]. Our team will review the vulnerability and may request additional information or clarifications if needed.
Once a vulnerability is reported, we will evaluate it promptly and prioritize our response based on the severity and impact of the vulnerability. We will strive to provide regular updates on the progress of the vulnerability fix and an estimated timeline for its resolution.
If the vulnerability is accepted, we will work on developing and implementing a patch or a security update. Once the fix is available, we will release a new version that addresses the reported vulnerability.
If the vulnerability is deemed out of scope, we will notify you and explain the reason for the decision. Please note that we may not be able to address every reported vulnerability if it falls outside the scope of our project.
We value the security community's contribution to improving the security of our project and appreciate your efforts in keeping our users safe. Thank you for your help!
As security vulnerabilities are addressed and fixes become available, we strongly recommend keeping your project up to date with the latest version. This ensures that you have the latest security enhancements and protections.
Make sure to regularly check the releases page of the "python-projects" repository owned by "mrayanasim" for updates and follow the upgrade instructions provided in the release notes.
Please note that older versions of the project may no longer receive security updates and could be vulnerable to known exploits. It is advisable to upgrade to a supported version to maintain a secure environment.
Note: This security policy template is intended as a starting point and should be tailored to fit your specific project and processes.