PublicMirrors/hydra
1
0
Fork 0
mirror of https://github.com/hydralauncher/hydra.git synced 2025-01-23 05:24:55 +03:00
Code Issues Actions Packages Projects Releases 1 Wiki Activity

docs: Create SECURITY.md

Browse Source
This commit is contained in:
Thales Euflauzino 2024-08-27 03:01:10 -03:00 committed by GitHub
parent c553697df9
commit e4917c1a07
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 68 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
SECURITY.md Normal file
View File

@ -0,0 +1,68 @@
# Security Policy
## Purpose of the Policy
The purpose of this Security Policy is to ensure the security of our project and maintain the trust of the community.
## Who is Affected by the Policy
This policy applies to all members of our project community, including developers, testers, repository administrators, and users.
## Supported Versions
Use this section to tell people about which versions of your project are
currently being supported with security updates.
| Version | Supported |
| ------- | ------------------ |
| 2.0.x | :white_check_mark: |
| < 1.2.0 | :x: |
## Development Recommendations
### Best Practices
- Follow secure coding principles.
- Use well-established libraries and frameworks.
- Regularly update dependencies.
- Conduct thorough testing, including security-related tests.
### Unrecommended Practices
- Do not use known vulnerabilities that have not been patched.
- Do not publish sensitive information such as API keys or passwords.
- Do not vote for changes that degrade the security of the project.
### User-Generated Content
- Ensure that user-generated content does not contain hidden threats.
- Be cautious when handling user data.
### Community Interaction
- Treat each other with respect and politeness.
- Do not spread spam or spam bots.
- Follow community guidelines.
### Vulnerability Discovery and Reporting
- If you discover a vulnerability, report it as an issue on GitHub.
- Your report should contain detailed information about the vulnerability, including steps to resolve it.
### Reporting Method
To report a vulnerability, create a new issue on GitHub and use branch isolation to provide details about the vulnerability.
### Details to Provide
Please provide the following information about the vulnerability:
- Description of the vulnerability
- Steps to resolve the vulnerability
- Versions on which the vulnerability was found
- Code examples illustrating the vulnerability (if it is safe to do so)
### Expected Behavior
- If we accept the reported vulnerability, we will release a patch and update the security information on GitHub.
- If we reject the reported vulnerability, we will provide an explanation.