docs: add SECURITY.md — responsible disclosure policy
parent 476ede4267
commit 0d6aa5975e
1 changed files with 26 additions and 0 deletions
26
SECURITY.md
Normal file
|
|
@ -0,0 +1,26 @@
|
||||||
|
# Security Policy
|
||||||
|
|
||||||
|
## Reporting a Vulnerability
|
||||||
|
|
||||||
|
**Do not open a GitHub or Codeberg issue for security vulnerabilities.**
|
||||||
|
|
||||||
|
Email: `security@circuitforge.tech`
|
||||||
|
|
||||||
|
Include:
|
||||||
|
- A description of the vulnerability
|
||||||
|
- Steps to reproduce
|
||||||
|
- Potential impact
|
||||||
|
- Any suggested fix (optional)
|
||||||
|
|
||||||
|
**Response target:** 72 hours for acknowledgement, 14 days for triage.
|
||||||
|
|
||||||
|
We follow responsible disclosure — we will coordinate a fix and release before any
|
||||||
|
public disclosure and will credit you in the release notes unless you prefer to remain
|
||||||
|
anonymous.
|
||||||
|
|
||||||
|
## Supported Versions
|
||||||
|
|
||||||
|
| Version | Supported |
|
||||||
|
|---------|-----------|
|
||||||
|
| Latest release | ✅ |
|
||||||
|
| Older releases | ❌ — please upgrade |
|
||||||
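Review bot: The disclosure paragraph at the end of "Reporting a Vulnerability" promises a coordinated fix and release "before any public disclosure" but gives no upper bound, so the only deadlines in the policy are the 72-hour acknowledgement and 14-day triage targets. Consider stating a target window for the fix, or that a disclosure date is agreed with the reporter after triage, so reporters know what to expect once a report is accepted. The `Email:` line also offers only a plain address; if reports may contain sensitive reproduction details, publish a PGP key or fingerprint next to it, or name another private channel.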