Security (#55)

* Invite Members Added * Chat set to correct * Vulnebarility added
bilalmohib · Apr 25, 2023 · ad90148 · ad90148 · vercel · Apr 25, 2023
1 parent e57867c
commit ad90148
Showing 1 changed file with 30 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,30 @@
+# Security Policy
+
+## Supported Versions
+
+The following table shows which versions of the TaskEncher project are currently being supported with security updates:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+
+## Reporting a Vulnerability
+
+To report a vulnerability in TaskEncher, please follow these steps:
+
+- Visit the TaskEncher repository and locate the "Issues" tab.
+- Click on "New issue" and choose the appropriate template for reporting a security vulnerability.
+- Provide a detailed description of the vulnerability, including any relevant steps to reproduce, potential impact, and suggested mitigation measures.
+- Submit the issue and wait for a response from the project maintainers.
+
+Once a vulnerability has been reported, you can expect the following:
+
+- The maintainers will acknowledge receipt of the report within 48 hours.
+- They will investigate the reported vulnerability and work on a fix or mitigation strategy.
+- You will receive regular updates on the progress of addressing the vulnerability, at least once a week.
+- If the vulnerability is accepted, the maintainers will release a patch or update to address it, along with proper credit given to the reporter.
+- If the vulnerability is declined, the maintainers will provide a clear explanation of their decision.
+- Please note that public disclosure of the vulnerability before the maintainers have addressed it may result in immediate disqualification from any acknowledgments or rewards.