If you discover a security issue, please bring it to my attention right away! 🔒
This document outlines security procedures and general policies for the Free Open-Sources is provided by StephanusDai.
- Reporting a Bug
- Safe harbor for Security
- Supported Versions
- Disclosure Policy
- Comments on this Policy
Please DO NOT file a public issue to report a security vulberability,
instead send your report privately to wiefunk@stephanusdai.web.id
This will help ensure that any vulnerabilities that are found can be disclosed responsibly to any affected parties.
Supports safe harbor for security researchers who:
- Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our services
- Only interact with accounts you own or with explicit permission of the account holder. If you do encounter Personally Identifiable Information (PII) contact us immediately, do not proceed with access, and immediately purge any local information
- Provide us with a reasonable amount of time to resolve vulnerabilities prior to any disclosure to the public or a third-party
- We will consider activities conducted consistent with this policy to constitute “authorised” conduct and will not pursue civil action or initiate a complaint to law enforcement. We will help to the extent we can if legal action is initiated by a third party against you
Please submit a report to us before engaging in conduct that may be inconsistent with or unaddressed by this policy.
Project versions that are currently being supported with security updates vary per project. Please see specific project repositories for details. If nothing is specified, only the latest major versions are supported.
When the security team receives a security bug report, they will assign it to a primary handler. This person will coordinate the fix and release process, involving the following steps:
- Confirm the problem and determine the affected versions.
- Audit code to find any potential similar problems.
- Prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible to npm.
If you have suggestions on how this process could be improved please submit a pull request.
Visit Website · Global Issues · Global Discussions · Global Wiki
Copyright © ID 2023 Stephanus Bagus Saputra (www.stephanusdai.web.id)
All rights reserved.