AISdb is committed to maintaining the security of our software and promptly addressing security vulnerabilities. The following table provides an overview of the versions of AISdb currently receiving security updates:
Version | Supported |
---|---|
> 1.7.0 | ✅ |
< 1.7.1 | ❌ |
The AISdb team takes security vulnerabilities seriously. If you discover a security issue within AISdb, please report it by following the guidelines below. This allows us to assess the risk and take the necessary steps to mitigate the vulnerability as quickly as possible.
- Email: Send an email to aisviz@dal.ca. Please include a detailed description of the issue, including the steps to reproduce the vulnerability. If possible, include patches, scripts, or other resources that could help evaluate the vulnerability.
- GitHub Issue: For vulnerabilities that do not immediately impact the security of the project or its users (such as potential optimizations or best practices), consider opening a GitHub issue on our repository.
- Acknowledgment: You can expect to receive an acknowledgment of your report within 72 hours.
- Communication: We will keep you informed of your report's status, including the vulnerability assessment, throughout the resolution process.
- Confidentiality: Please keep the communication regarding the security issue confidential until we have assessed the impact and publicly disclosed the vulnerability.
- Disclosure: Once the vulnerability has been addressed, we will provide a report about the issue, the steps taken to resolve it, and any applicable acknowledgments to those who reported it.
We appreciate your support in making AISdb more secure. By following these guidelines, we can work together to ensure the security and integrity of the AISdb project.