Skip to content

Commit 7f38e22

Browse files
ivankravetsivankravets
authored
Provide SECURITY.md
1 parent f71317d commit 7f38e22

File tree

1 file changed

+34
-0
lines changed

1 file changed

+34
-0
lines changed

Diff for: SECURITY.md

+34
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
# Security Policy
2+
3+
## Supported Versions
4+
5+
We are committed to ensuring the security and protection of PlatformIO Core.
6+
To this end, we support only the following versions:
7+
8+
| Version | Supported |
9+
| ------- | ------------------ |
10+
| 6.1.x | :white_check_mark: |
11+
| < 6.1 | :x: |
12+
13+
Unsupported versions of the PlatformIO Core may have known vulnerabilities or security issues that could compromise the security of our organization's systems and data.
14+
Therefore, it is important that all developers use only supported versions of the PlatformIO Core.
15+
16+
## Reporting a Vulnerability
17+
18+
We take the security of our systems and data very seriously. We encourage responsible disclosure of any vulnerabilities or security issues that you may find in our systems or applications. If you believe you have discovered a vulnerability, please report it to us immediately.
19+
20+
To report a vulnerability, please send an email to our security team at [email protected]. Please include as much information as possible, including:
21+
22+
- A description of the vulnerability and how it can be exploited
23+
- Steps to reproduce the vulnerability
24+
- Any additional information that can help us understand and reproduce the vulnerability
25+
26+
Once we receive your report, our security team will acknowledge receipt within 24 hours and will work to validate the reported vulnerability. We will provide periodic updates on the progress of the vulnerability assessment, and will notify you once a fix has been deployed.
27+
28+
If the vulnerability is accepted, we will work to remediate the issue as quickly as possible. We may also provide credit or recognition to the individual who reported the vulnerability, at our discretion.
29+
30+
If the vulnerability is declined, we will provide a justification for our decision and may offer guidance on how to improve the report or how to test the system more effectively.
31+
32+
Please note that we will not take any legal action against individuals who report vulnerabilities in good faith and in accordance with this policy.
33+
34+
Thank you for helping us keep our systems and data secure.

0 commit comments

Comments
 (0)