mirror of
https://github.com/Kaelio/ktx.git
synced 2026-06-07 07:55:13 +02:00
73ef0afc13
Documents the private reporting channel (GitHub Security Advisories with support@kaelio.com as fallback), what reporters should include, and the supported-version policy. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1 KiB
1 KiB
Security Policy
Reporting a vulnerability
If you believe you've found a security vulnerability in KTX, please report it privately through GitHub Security Advisories:
If you cannot use GitHub Security Advisories, email support@kaelio.com
instead. Please do not open a public issue, post in the KTX Slack, or
share details elsewhere until we have published a fix.
When reporting, please include:
- A description of the issue and its impact
- Steps to reproduce
- The KTX version affected
What to expect
- We will acknowledge your report within a few business days.
- We will work with you to verify the issue and develop a fix.
- We will credit you in the resulting advisory unless you prefer to remain anonymous.
Supported versions
We provide security fixes for the latest released version of
@kaelio/ktx. Older versions
may receive fixes at the maintainers' discretion.