Commit
Showing 1 changed file with 25 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
# Security Policy | ||
|
||
## Reporting Security Vulnerabilities | ||
If you discover any security vulnerabilities in this project, please report them immediately by creating a issue in the [ascii-table/issue](https://github.com/ManojTGN/ascii-table/issues) section. We take security concerns seriously and will respond promptly to your report. | ||
|
||
## Scope | ||
This security policy covers all aspects of the project, including but not limited to code vulnerabilities, data security, and access control. | ||
|
||
## Response Time | ||
We strive to acknowledge security vulnerability reports within 1-2 business days. We will promptly investigate the reported issue and provide updates on the progress of mitigation and resolution. | ||
|
||
## Investigation Process | ||
Upon receiving a security vulnerability report, we will follow these steps: | ||
1. **Triage**: We will assess the reported vulnerability to determine its validity and potential impact. | ||
2. **Analysis**: We will conduct a thorough analysis of the vulnerability to understand its root cause and scope. | ||
3. **Mitigation**: We will develop and test patches or fixes to address the vulnerability. | ||
4. **Communication**: We will maintain open communication with the reporter throughout the investigation and resolution process, providing regular updates on our progress. | ||
5. **Disclosure**: Once a fix is developed and deployed, we will disclose information about the vulnerability and its resolution to the public, while ensuring that sensitive details are not disclosed prematurely to prevent exploitation. | ||
|
||
## Disclosure Policy | ||
We are committed to responsible disclosure practices. We will coordinate with the reporter and other affected parties to ensure that vulnerabilities are disclosed in a timely and coordinated manner. Our goal is to protect the security of our users while minimizing the risk of exploitation. | ||
|
||
## Patch Release Schedule | ||
Security patches and updates will be released as soon as fixes are available and tested. We aim to deploy patches promptly to minimize the window of exposure to potential threats. | ||
|
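Review bot: The "Reporting Security Vulnerabilities" section sends reporters to the public issue tracker (https://github.com/ManojTGN/ascii-table/issues), so the details of a vulnerability become visible to everyone before a fix exists. That conflicts with the Disclosure step further down, which promises that "sensitive details are not disclosed prematurely". Suggest directing reports to a private channel instead, for example GitHub's private vulnerability reporting on the repository or a dedicated security contact address, and reserving the public tracker for non-sensitive bugs. Minor wording in the same line: "creating a issue" should be "creating an issue", and the link text "ascii-table/issue" should match its target ("issues").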