A Guide to babyrite's Security Policy.
Since babyrite is currently in beta, only minor updates of the latest version are supported. Vulnerabilities are fixed only in minor updates and not backported to older versions.
Also, because of the possibility of destructive changes without prior notice, updates may change the behavior of the software and may cause incompatibility. Always check the patch notes.
If you find a serious security vulnerability in babyrite, you must follow the proper procedures to report it. DO NOT report in Issues.
The reporting procedure is as follows.
- Go to Security Advisories.
- Click on New draft security advisory.
- Fill in Advisory Details.
- See the GitHub Docs for more information on what to enter.
- Click on Create draft security advisory.
The advisory will be reviewed by the maintainer and released to the public.
Warning
DO NOT PUBLISH EXTERNALLY until full disclosure of the reported advisory has been made.