-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into 10-21-docs_update_the_badges_in_readme.md_
- Loading branch information
Showing
1 changed file
with
38 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
<!-- | ||
SPDX-FileCopyrightText: 2024 Ali Sajid Imami | ||
SPDX-License-Identifier: MIT | ||
--> | ||
|
||
# Security Policy | ||
|
||
## Supported Versions | ||
|
||
This plugin will always support the **current** and **previous three releases** of Neovim. The plugin may have an irregular release schedule, so please ensure your Neovim version is within the supported range to receive updates and fixes. | ||
|
||
| Neovim Version | Supported | | ||
| -------------- | ------------------ | | ||
| Nightly | :white_check_mark: | | ||
| Stable | :white_check_mark: | | ||
| Stable - 1 | :white_check_mark: | | ||
| Stable - 2 | :white_check_mark: | | ||
| Stable - 3 | :white_check_mark: | | ||
| Older versions | :x: | | ||
|
||
## Reporting a Vulnerability | ||
|
||
If you discover any security vulnerabilities or potential issues, please follow these steps to report them: | ||
|
||
1. **Do not publicly disclose** the vulnerability until a fix is available. | ||
2. Email [[email protected]](mailto:[email protected]) with details of the vulnerability, including: | ||
- Steps to reproduce the issue. | ||
- A detailed description of the security impact. | ||
- Potential fixes or recommendations if available. | ||
3. You will receive an acknowledgment within **48 hours** of your report. | ||
|
||
Once the issue has been assessed, we will provide a timeline for a fix and release. Security patches will be backported for all supported versions of Neovim. | ||
|
||
## Vulnerability Disclosure Timeline | ||
|
||
- We aim to resolve critical vulnerabilities within **7 days** of being reported. | ||
- Non-critical vulnerabilities will be handled during regular development cycles and addressed in future updates. |