github.com/timandy/routine@v1.1.4-0.20240507073150-e4a3e1fe2ba5/SECURITY.md (about) 1 # Security Policy 2 3 ## Supported Versions 4 5 At the moment, only the latest commit on the `main` branch will be supported for security vulnerabilities. 6 7 | **Branch** | **Supported** | 8 |:----------:|:-------------:| 9 | `main` | ✅ | 10 11 ## Reporting a Vulnerability 12 13 **Please do not report security vulnerabilities through public GitHub issues.** 14 15 If you found a security vulnerability in the current repository, please send a mail to [Tim Andy](mailto:xuchonglei@126.com). 16 You should get a reply within *72 hours* that we have received your report and a tentative [CVSS](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator) score. 17 We will do a preliminary analysis to confirm that the vulnerability is a plausible claim and decline the report otherwise. 18 19 If possible, please include: 20 21 1. reproducible steps on how to trigger the vulnerability. 22 2. a description on why you are convinced that it exists. 23 3. any information you may have on active exploitation of the vulnerability.