kolo/Argenta
1
0
Fork 0
mirror of https://github.com/koloideal/Argenta.git synced 2026-06-10 18:15:28 +03:00
Code Issues Packages Projects Releases Wiki Activity

docs

Browse Source
This commit is contained in:
kolo
2025-10-19 22:31:02 +03:00
parent 9ff00ee785
commit d146fc6b6b
2 changed files with 106 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
SECURITY.md
+54
View File
@@ -0,0 +1,54 @@
# Security Policy
The Argenta team takes security seriously. We appreciate your efforts to responsibly disclose your findings, and we will make every effort to acknowledge your contributions.
## Supported Versions
This table shows the versions of Argenta that are currently supported with security updates.
| Version | Supported |
|---------|-----------------|
| 1.1.x | ✅ |
| < 1.1 | ❌ |
## Reporting a Vulnerability
If you believe you have found a security vulnerability in Argenta, please report it to us through one of the following methods:
- **Email**: Send a detailed report to `kolo.is.main@gmailcom`.
- **GitHub Security Advisories**: You can create a new security advisory directly in the Argenta repository.
**Please do not report security vulnerabilities through public GitHub issues.**
### What to Include
To help us understand and resolve the issue quickly, please include the following information in your report:
- A clear and descriptive title.
- The affected version(s) of Argenta.
- A detailed description of the vulnerability.
- Step-by-step instructions to reproduce the issue (a Proof-of-Concept).
- The potential impact of the vulnerability.
- Any suggested mitigations or fixes, if you have any.
You can expect a response from us within 48 hours to acknowledge receipt of your report.
## Disclosure Process
1. Upon receiving a vulnerability report, we will assign it to a team member and begin our investigation.
2. We will confirm the vulnerability and determine its severity.
3. We will work on a patch to address the issue.
4. Once the patch is ready, we will coordinate with you to schedule a release and a public disclosure. We prefer to disclose vulnerabilities through a GitHub Security Advisory.
5. We will credit you for your discovery in the advisory, unless you prefer to remain anonymous.
## Security Best Practices
As a user of Argenta, we recommend the following best practices to keep your application secure:
- Always use the latest version of Argenta.
- Regularly scan your project's dependencies for known vulnerabilities.
- If your application handles sensitive data, ensure it is stored and transmitted securely.
## Bug Bounty Program
Currently, we do not have a formal bug bounty program. However, we deeply appreciate the work of security researchers and may offer non-monetary recognition for significant contributions.