Use this section to tell people about which versions of your project are currently being supported with security updates.
| Version | Supported |
|---|---|
| 1.0.x | ✅ |
| < 1.0 | ❌ |
We take the security of StoryLines seriously. If you have discovered a security vulnerability in our project, please follow these steps to report it:
-
Do Not disclose the vulnerability publicly until it has been addressed by our team.
-
Please email us at pravdevrav@gmail.com with details of the vulnerability. If possible, encrypt your message using our PGP key (available on our website).
-
Include the following information in your report:
- Type of vulnerability
- Full paths of source file(s) related to the vulnerability
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the vulnerability, including how an attacker might exploit it
-
Allow us a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to respond to security reports within 48 hours and will strive to keep you informed about our progress towards a fix.
When we receive a security bug report, we will:
- Confirm the problem and determine the affected versions.
- Audit code to find any potential similar problems.
- Prepare fixes for all supported versions.
- Release new security fix versions as soon as possible.
If you have suggestions on how this process could be improved, please submit a pull request or open an issue to discuss.
Thank you for helping to keep StoryLines and our users safe!