Click/tap here to expand/collapse this section
This project is still in its early stages, although it is mainly an HTML website. It shouldn't be much of an issue security wise, as there is no way to log in, make posts, or upload data to the site.
For general security vulnerabilities, use the security label and start your issue title with [SECURITY]. Remember to not publicly post critical/zero day vulnerabilities, see more on this below.
Click/tap here to expand/collapse this section
| Version | Supported? | Support status |
|---|---|---|
| V1.00A | ❌ | Old version, not supported |
| V1.00B | ❓ | Old version, partially supported |
| V1.01A | ✅ | Current subversion, supported |
| V1.01B | ✅ | Current version, supported |
| > V1.00A & > 2022 February 21st | ✅ | Current version set, supported |
| V1.02A | ❌ | NOT YET RELEASED |
| V1.02B | ❌ | NOT YET RELEASED |
Click/tap here to expand/collapse this section
DO NOT REPORT A ZERO DAY VULNERABILITY PUBLICLY!
Please instead direct message me via GitHub. If there is no response within 90 days, you can post the vulnerability as an issue, as part of the standard 0 day security exploit reporting guidelines.
If a vulnerability is caused by an outdated dependancy, you can report it publicly, as it usually isn't that much of a problem.
Click/tap here to expand/collapse this section
Dependency problems aren't very bad. This project uses 7 different languages:
-
HTML5
-
CSS3
-
JavaScript
-
JSON
-
BibTeX
-
INI
-
K Desktop
You can still report dependency problems, but dependencies usually won't be updated unless they get too old (5+ years before the most recent release) or they aren't common enough to download anymore. The current dependencies this project has include:
-
JSON ? (the program will work with any stable version of JSON)
-
Python 3.7.2 (although the program will still run with any version of Python prior to Python 3.0)
-
CSS 3.0 (although the program will still run with any version of CSS prior to CSS 2.0 as of 2021 October 28th at 8:00 pm)
-
JavaScript 1.8 (I am unsure whether bumping the version up or down will cause problems)
-
BASH shell 5.0 (althouh the program will still run with any version of BASH shell from 3.0 or higher, and it can also be bumped up if needed)
-
INI ? (the program will work with any stable version of the INI specification since Windows XP)
-
BibTeX ? (the program will work with any stable version of BibTeX)
Click/tap here to expand/collapse this section
Other security info currently isn't available. If there are any further questions, @ me privately on GitHub. @seanpm2001
Click/tap here to expand/collapse this section
File type: Markdown document (*.md *.mkd *.mdown *.markdown)
File purpose: Lying out the security policy for this project.
File version: 1 (2022, Tuesday, February 22nd at 6:44 pm)
File language: English (US)
Line count (including blank lines and compiler line): 149
All times are UTC-7 (PDT/Pacific Time)
You may need special rendering support for the <dropdown> HTML tag being used in this document
Encoding: UTF-8 (with no non-US-ASCII characters)
Click/tap here to expand/collapse the history for this file
Version 1 (2022, Tuesday, February 22nd at 6:44 pm)
Changes:
- Started the file
- Added the supported versions section
- Added the version history section
- Added the reporting a vulnerability section
- Added the file info section
- Added the file history section
- No other changes in version 1
Version 2 (Coming soon)
Changes:
- Coming soon
- No other changes in version 2