The DragonMineZ team values the efforts of the community in responsibly disclosing security vulnerabilities. We take security issues seriously and are committed to resolving them promptly to protect our users.
To report a security vulnerability:
-
Do not disclose it publicly. Sharing details of a vulnerability before it is resolved could put users at risk.
-
Submit a report:
- Use the "Report a Vulnerability" tab on GitHub.
- Alternatively, you can contact us on Discord.
- Include the following details:
- Steps to reproduce the issue
- Affected versions
- Potential impacts
- Any suggested fixes or mitigations (if available)
-
What to expect:
- We will acknowledge your report within 48 to 72 hours.
- Our team will investigate and provide a plan of action within 10 days or less.
- You will be kept updated throughout the process and credited for your discovery unless you wish to remain anonymous.
After verifying and fixing a security vulnerability, we will:
- Release a patch for the affected versions listed in the Supported Versions table below.
- Publish a security advisory summarizing the issue, its impact, and how it was resolved.
- Notify relevant parties as necessary.
The following versions are actively supported with security updates:
| Version | Supported |
|---|---|
| 1.x (Latest) | ✅ |
| Older Versions | ❌ |
For tips on securely using DragonMineZ, stay tuned for detailed documentation in the Wiki (TBD) and tutorials.
Thank you for helping us maintain the security and integrity of DragonMineZ!