Skip to content

Latest commit

 

History

History
30 lines (21 loc) · 1.3 KB

SECURITY.md

File metadata and controls

30 lines (21 loc) · 1.3 KB

Security Policy

Supported Versions

The following versions of SyncUp are currently supported with security updates:

Version Supported
v1.0.0
v1.0.2

Reporting a Vulnerability

If you discover a security vulnerability in SyncUp, we encourage you to help us improve the project by following the steps below:

  1. Please do not publicly disclose the vulnerability until we have had a chance to address it.
  2. Send an email to [email protected] with the details of the vulnerability. Include:
    • A clear description of the issue
    • Steps to reproduce the vulnerability
    • Any relevant screenshots or code snippets
  3. We will respond to your report as soon as possible to discuss the next steps.

Security Best Practices

While contributing or using SyncUp, we encourage following these security best practices:

  • Do not expose sensitive information (like API keys, JWT secrets) in your code or commits.
  • Always use environment variables for sensitive data.
  • Use strong passwords for all user accounts and ensure data is transmitted securely (e.g., via HTTPS).

Your help in identifying and responsibly disclosing vulnerabilities is greatly appreciated!