mirror of
https://github.com/toeverything/AFFiNE.git
synced 2026-02-04 00:28:33 +00:00
27 lines
1.5 KiB
Markdown
27 lines
1.5 KiB
Markdown
# Security Policy
|
|
|
|
## Supported Versions
|
|
|
|
We recommend users to always use the latest major version. Security updates will be provided for the current major version until the next major version is released.
|
|
|
|
| Version | Supported |
|
|
| --------------- | ------------------ |
|
|
| 0.25.x (stable) | :white_check_mark: |
|
|
| < 0.25.x | :x: |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
We welcome you to provide us with bug reports via and email at [security@toeverything.info](mailto:security@toeverything.info) or submit directly on [GitHub](https://github.com/toeverything/AFFiNE/security), **we encourage you to submit the relevant information directly via GitHub**. We expect your report to contain at least the following for us to evaluate and reproduce:
|
|
|
|
1. Using platform and version, for example:
|
|
- macos arm64 0.12.0-canary-202402220729-0868ac6
|
|
- app.affine.pro 0.12.0-canary-202402220729-0868ac6
|
|
|
|
2. A sets of video or screenshot containing the reproduce steps that proves you successfully exploited the vulnerability, preferably including the time and software version of the successful exploit.
|
|
|
|
3. Your classification or analysis of the vulnerability (optional)
|
|
|
|
Since we are an open source project, we also welcome you to provide corresponding fix PRs, we will determine specific rewards based on the evaluation results.
|
|
|
|
If the vulnerability is caused by a library we depend on, we encourage you to submit a security report to the corresponding dependent library at the same time to benefit more users.
|