To mitigate the risks and ensure the security of this set of libraries, all submitted pull requests must be checked for vulnerabilities using code scanning tools: Sonarqube and CodeQL. If the PR contains vulnerabilities with severity is greater than or equal middle severity, then the PR cannot be merged.
| Version | Supported |
|---|---|
| 8.x.x | ✅ |
| 6.x.x | ❌ |
| 5.x.x | ❌ |
| 3.1.x | ❌ |
| < 3.1 | ❌ |
Security issues and bugs should be reported privately, via email, to the Raiffeisen .NET Community through by emailing [email protected]. Please, specify [SEC] Reporting a Vulnerability on the message Subject. You should receive a response within 48 hours.
❗ IMPORTANT: Please do not open issues on the repository issue tracker for anything you think might have a security implication.