-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
41 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| # Security Policy | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| At Lilypad Network, we take security very seriously. If you believe you have found a security vulnerability in our project, we appreciate your efforts to responsibly disclose it to us. | ||
|
|
||
| ### How to Report | ||
|
|
||
| 1. **Contact Information**: | ||
| - Please email your findings to our security team at [security@lilypad.tech](mailto:security@lilypad.tech). | ||
| - Include the phrase "Lilypad Network Security Vulnerability" in the subject line. | ||
|
|
||
| 2. **Information to Include**: | ||
| - Detailed description of the vulnerability. | ||
| - Steps to reproduce the vulnerability. | ||
| - Potential impact of the vulnerability. | ||
| - Any possible mitigation or fix you have identified. | ||
|
|
||
| 3. **Public Disclosure**: | ||
| - Do not disclose the vulnerability publicly or to any third parties before we have had a chance to investigate and address it. | ||
|
|
||
| ### What to Expect | ||
|
|
||
| - You will receive a confirmation of your report within 48 hours. | ||
| - Our security team will review your report and may reach out for additional information. | ||
| - We aim to resolve and patch confirmed vulnerabilities within a reasonable time frame, depending on the complexity and impact of the issue. | ||
| - Once the vulnerability is fixed, we will acknowledge your contribution in our release notes (if desired). | ||
|
|
||
| ### Acknowledgments | ||
|
|
||
| We are grateful to the security community and individual researchers who take the time to responsibly report security vulnerabilities. Your efforts help us ensure that Lilypad Network remains secure for all users. | ||
|
|
||
| ## Scope | ||
|
|
||
| This security policy applies to the Lilypad Network repository and all related code and services under our management. For vulnerabilities related to third-party dependencies, please report them to the respective maintainers. | ||
|
|
||
| ## Thank You | ||
|
|
||
| Thank you for helping to keep Lilypad Network secure. Your contributions are invaluable to the health and safety of our community. | ||
|
|
||
| If you have any questions or need further assistance, please don't hesitate to contact us at [security@lilypad.tech](mailto:security@lilypad.tech). |