We are committed to ensuring the security of Dey Weaver. Security updates and patches will be applied to the latest version of the application available on the main branch.
| Version | Supported |
|---|---|
| Latest | ✅ |
The Dey Weaver team and community take all security vulnerabilities seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
To report a security vulnerability, please email Aryan Singh directly at [email protected].
Please do not report security vulnerabilities through public GitHub issues.
When reporting a vulnerability, please include the following details:
- Description of the vulnerability: A clear and concise description of what the vulnerability is.
- Steps to reproduce: Detailed steps to reproduce the vulnerability. If possible, include code snippets or proof-of-concept code.
- Impact: What is the potential impact of this vulnerability? (e.g., data exposure, denial of service, unauthorized access).
- Configuration: Any specific configurations of the application that are necessary to reproduce the vulnerability.
- Your contact information: So we can reach out for more details if needed.
- We will acknowledge receipt of your vulnerability report within 48 hours.
- We will investigate the reported vulnerability and determine its validity and severity.
- We will work to fix the vulnerability in a timely manner.
- We will keep you informed of our progress.
- We will publicly acknowledge your contribution (if you wish) once the vulnerability has been fixed.
Thank you for helping keep Dey Weaver secure!