Skip to content

Commit 343bfce

Browse files
committed
Create SECURITY.md
1 parent fc9826a commit 343bfce

File tree

1 file changed

+17
-0
lines changed

1 file changed

+17
-0
lines changed

.github/SECURITY.md

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
# Security Policy
2+
3+
## Supported Versions
4+
5+
Only the latest versions of Stack's server and client packages are supported. We do not provide security updates for older versions.
6+
7+
## Reporting a Vulnerability
8+
9+
Stack Auth practices [responsible disclosure](https://en.wikipedia.org/wiki/Coordinated_vulnerability_disclosure).
10+
11+
Please disclose security vulnerabilities responsibly by emailing us at responsible-disclosure@stack-auth.com. In this case:
12+
13+
- We will get back to you within 96 hours.
14+
- We will aim to get a fix released within 30 days, and disclose the issue, crediting you.
15+
- If we are unable to fix the issue within 90 days, we will disclose the issue publicly.
16+
17+
Please do not create GitHub issues with security vulnerabilities; instead, email us directly at the address above.

0 commit comments

Comments
 (0)