Skip to content

Latest commit

 

History

History
27 lines (19 loc) · 1.68 KB

SECURITY.md

File metadata and controls

27 lines (19 loc) · 1.68 KB

Security Policy

DO NOT REPORT SECURITY VULNERABILITIES FOR YOURAPPS HERE!

Only report issues for the website (//yourapps.cyou/) here. If you found a security vulnerability in yourapps, please contact one of the developers.

Supported Versions

Branch Supported
master
anything else

Reporting a Vulnerability

To report a vulnerability:

  1. Ensure the bug/behaviour is reproducable, and is on the master branch (production, usually live at //yourapps.cyou/)
  2. Make sure you've captured all of the steps required to reproduce it.
  3. Preferrably, get a screen recording or screenshots of the bug happening (censor as much as you want, so long as it isn't needed to see the bug).
  4. (Optional) Have a look through our source code - Try to locate the bug. (For reference, all of our staticfiles are housed in /html and the main server file is main.py
  5. If you followed step 4, open a pull request, and if not, please open an issue. Prefix this with [security] so it will be seen sooner.
  6. If the security vulnerability is critical, please join our discord server (alt link) and ping developers.

Security reports will be looked into as soon as possible. We request that you don't release any security details (outside of your PR/issue) or encourage people to reproduce it.

If we have not fixed the bug after 14 days, you are free to do whatever you would like with the information. Just don't be a bad person, basically.