Skip to content

Security: samber/do-template-api

SECURITY.md

Security Policy

Reporting a Vulnerability

I take the security of my projects seriously. If you believe you have found a security vulnerability in any of my repositories, please report it responsibly.

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Instead, please use one of the following private channels:

Please include as much of the following information as possible to help me understand and resolve the issue quickly:

  • The type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
  • Full paths of the source file(s) related to the issue
  • The location of the affected source code (tag/branch/commit or direct URL)
  • Any special configuration required to reproduce the issue
  • Step-by-step instructions to reproduce the issue
  • Proof-of-concept or exploit code (if possible)
  • The impact of the issue, including how an attacker might exploit it

Response Process

  • I will acknowledge receipt of your report within 5 business days.
  • I will investigate and keep you informed of the progress.
  • Once the vulnerability is confirmed and fixed, I will publish a security advisory and, with your consent, credit you for the discovery.

Supported Versions

Unless otherwise stated in a specific repository, only the latest released version of each project receives security updates. Please make sure you are running the most recent version before reporting an issue.

Disclosure Policy

Please give me a reasonable amount of time to address the issue before any public disclosure. I am committed to resolving valid reports promptly and coordinating disclosure with you.

Thank you for helping keep these projects and their users safe.

There aren't any published security advisories