Skip to content

Latest commit

 

History

History
48 lines (42 loc) · 2.07 KB

SECURITY.md

File metadata and controls

48 lines (42 loc) · 2.07 KB

Security Policy

At UnifierHQ, we take user safety very seriously. We always try to implement features that help minimize or eliminate the effects malicious actors can have on our community. However, we understand we are not perfect, and there may be vulnerabilities in our code that may impact the safety of hosters and users every now and then.

Supported Versions

This plugin will receive at least 2 months of bug fixes and security updates after being superseded by a newer series. All EoL dates are in dd/mm/yyyy format.

Version Type Supported EoL
1.2.x release ✅ Supported Not legacy
< 1.1 eol ❌ Unsupported EoL

What do the types mean?

  • release: This is the newest series and is in active development.
  • legacy: This is an older series that will continue to receive bug patches and security updates.
  • extended: This is an older series that should have been discontinued but continues to receive updates due to special circumstances.
  • eol: This series is no longer maintained.

Reporting a Vulnerability

When you have found a vulnerability, DO NOT open a bug report. These reports will be taken down and may result in sanctions.

Instead, please either DM a developer on Discord, or report the vulnerability to us, so we can privately patch the vulnerability.

What counts as a vulnerability?

Here are examples of what you should report to us as security vulnerabilities:

  • A bug in the code that allows third parties to get access to moderator permissions
  • A bug in the code that allows third parties to execute malicious code on your system
  • etc.

And examples of what you shouldn't report to us:

  • Lack of protection against certain server raid types (this is better off as a feature suggestion)
  • Lack of certain moderation tools (this is better off as a feature suggestion)
  • Unprofessional moderation on Unifier instances (sort this out with your instance's admins)
  • etc.