mirror of https://github.com/itflow-org/itflow
31 lines
1.5 KiB
Markdown
31 lines
1.5 KiB
Markdown
# Security Policy
|
|
|
|
## **Please do NOT report security concerns/vulnerabilities publicly (Github issues/forum)**
|
|
|
|
---
|
|
|
|
## In Beta
|
|
|
|
ITFlow is currently in beta and is a work in progress.
|
|
|
|
**We take security seriously.** Whilst we are confident the code is safe, nothing in life is 100% safe or risk-free. You should use your best judgment before entering confidential information into the app.
|
|
|
|
We attempt to follow security best practices where possible, including [automated code scanning](https://sonarcloud.io/component_measures?id=itflow-org_itflow&metric=security_rating&view=list).
|
|
|
|
[](https://sonarcloud.io/summary/new_code?id=itflow-org_itflow)
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Supported |
|
|
| ------- | ------------------ |
|
|
| Beta | :white_check_mark: |
|
|
| 1.0 | Yet to be released |
|
|
|
|
## Reporting a Vulnerability via GitHub Security Advisories
|
|
|
|
**Security contact: [GitHub Security Advisories](https://github.com/itflow-org/itflow/security/advisories/new)**
|
|
|
|
If you have discovered a security issue, please **[report it](https://github.com/itflow-org/itflow/security/advisories/new)** to us in as much detail as possible, so we can fix it.
|
|
|
|
You should expect to receive an initial acknowledgement within 72 hours. If you don't receive any feedback, we may have missed the initial email from GitHub (we're human!). Please raise a forum discussion quoting ONLY the assigned GHSA ref.
|