This section lists the versions of our project that are actively supported with security updates.
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
The latest version of FluidAuth includes security updates.
To report a security vulnerability, please use the following methods:
-
GitHub Issues:
- Submit your report through GitHub Issues in the repository issues tracker.
- Include a detailed description of the vulnerability, steps to reproduce, and any potential impact.
-
GitHub Discussions:
- Alternatively, you can use GitHub Discussions to report and discuss potential security issues in our discussions page.
-
Response Time:
- You will receive an acknowledgment of your report within 48 hours.
- We will provide regular updates on the status of the report, typically every 7 days.
-
Evaluation:
- Our security team will evaluate the report and determine its validity.
- If the vulnerability is accepted, we will work on a fix and provide a timeline for its release.
- If the vulnerability is declined, we will inform you of the reasons and any alternative recommendations.
-
Disclosure:
- We follow a coordinated disclosure process.
- Details of accepted vulnerabilities will be published in our release notes and/or security advisories after the fix is deployed.
-
Thank You:
- We appreciate the efforts of individuals who help us improve our security.
- Contributors who identify valid vulnerabilities may be acknowledged in our release notes or receive other forms of recognition.