ktx/SECURITY.md
Andrey Avtomonov 41f52797de
fix(release): point repository URLs at renamed GitHub repo (#250)
* fix(release): point repository URLs at renamed GitHub repo

The GitHub repo was renamed from Kaelio/ktx to
Kaelio/ktx-ai-data-agents-context. semantic-release reads repositoryUrl
from package.json's repository field and the @semantic-release/github
plugin failed verifyConditions with EMISMATCHGITHUBURL because it no
longer matched the live clone URL.

Update every Kaelio/ktx reference to the renamed repo: package metadata
(root + CLI repository/bugs/homepage), the codecov upload slugs and
star-history slug in CI, the issue-template and security-advisory links,
the release runbook, and all docs/install commands.

* fix(release): derive semantic-release repositoryUrl from the CI repo

@semantic-release/github exact-matches repositoryUrl against the live
GitHub clone_url (no redirect following), so any repo rename re-breaks the
release when repositoryUrl is the static package.json value.

Derive repositoryUrl from the runner's GITHUB_REPOSITORY/GITHUB_SERVER_URL
so it always tracks the current repo name. A future rename (including back
to Kaelio/ktx) now resolves with no code change. Outside CI the option is
omitted, so semantic-release falls back to package.json as documented.

The package.json repository field stays ktx-ai-data-agents-context as
npm-display metadata, decoupled from the release-time match.
2026-06-01 20:07:24 +02:00

# Security Policy

## Reporting a vulnerability

If you believe you've found a security vulnerability in KTX, please report it
**privately** through GitHub Security Advisories:

[Report a vulnerability](https://github.com/Kaelio/ktx-ai-data-agents-context/security/advisories/new)

If you cannot use GitHub Security Advisories, email `support@kaelio.com`
instead. Please do **not** open a public issue, post in the KTX Slack, or
share details elsewhere until we have published a fix.

When reporting, please include:

- A description of the issue and its impact
- Steps to reproduce
- The KTX version affected

## What to expect

- We will acknowledge your report within a few business days.
- We will work with you to verify the issue and develop a fix.
- We will credit you in the resulting advisory unless you prefer to remain
  anonymous.

## Supported versions

We provide security fixes for the latest released version of
[`@kaelio/ktx`](https://www.npmjs.com/package/@kaelio/ktx). Older versions
may receive fixes at the maintainers' discretion.