From d7074c27bd77b1cbdb583528ece1f8372a4eccc3 Mon Sep 17 00:00:00 2001 From: Supun Sethsara Date: Mon, 26 Feb 2024 20:51:02 +0530 Subject: [PATCH] Create SECURITY.md --- SECURITY.md | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..8562254 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,37 @@ +# Security Policy + +## Reporting a Vulnerability + +At React Three NPC, we take security seriously. We appreciate your efforts to responsibly disclose any security vulnerabilities you may find in our project. + +To report a vulnerability, please email us directly at s.sethsara@gmail.com and provide detailed information about the vulnerability and steps to reproduce it. We will investigate and respond to your report as quickly as possible. + +## Supported Versions + +We will provide security updates and patches for the following versions of React Three NPC: + +- Latest stable release + +## Reporting a Security Issue + +If you believe you have discovered a security vulnerability, please follow our responsible disclosure policy and report it to us privately. We request that you not disclose the issue publicly until we have had a chance to address it. + +Please include the following details in your report: + +- Description of the vulnerability +- Steps to reproduce the vulnerability +- Versions affected +- Any additional information that may be helpful + +## Disclosure Policy + +- Please do not publicly disclose the vulnerability until we have had an opportunity to review and address it. +- We will work with you to understand and validate the issue, and to develop and release patches as necessary. +- Once a fix is available, we will coordinate the disclosure of the vulnerability with you and other affected parties. +- We will acknowledge your responsible disclosure in our release notes and on our website, unless you request otherwise. + +## Thank You + +We greatly appreciate your help in keeping React Three NPC secure. Your efforts to responsibly report security issues contribute to the safety and stability of our project for everyone. If you have any questions or concerns, please don't hesitate to contact us. + +Thank you for your support and collaboration.