32 lines
1.5 KiB
Markdown
32 lines
1.5 KiB
Markdown
# Security Policy
|
|
|
|
Thanks for helping to make Go Hass Agent a safe and useful application for everyone.
|
|
|
|
## Supported Versions
|
|
|
|
Only the latest released version of Go Hass Agent will be supported with security updates.
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Security issues and vulnerabilities can be reported privately by following the
|
|
GitHub documentation: [Privately reporting a security
|
|
vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability).
|
|
|
|
**Please do not report security vulnerabilities through public GitHub issues,
|
|
discussions, or pull requests.**
|
|
|
|
Please include as much of the information listed below as you can to help us
|
|
better understand and resolve the issue:
|
|
|
|
- The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
|
|
- Full paths of source file(s) related to the manifestation of the issue
|
|
- The location of the affected source code (tag/branch/commit or direct URL)
|
|
- Any special configuration required to reproduce the issue
|
|
- Step-by-step instructions to reproduce the issue
|
|
- Proof-of-concept or exploit code (if possible)
|
|
- Impact of the issue, including how an attacker might exploit the issue
|
|
|
|
This information will help us triage your report more quickly.
|
|
|
|
Security issues and vulnerabilities will be addressed with reasonable effort but no guarantees are made with regards to resolution of reports within any timeframe or a fix at all.
|