-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
13ff8f2
commit 79424b1
Showing
1 changed file
with
50 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| # Security Policy | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| If you discover a security vulnerability within EdgeSQL Shell, please report it as soon as possible. We take all security vulnerabilities seriously and will work to resolve any identified issues promptly. | ||
|
|
||
| To report a security vulnerability, please email [[email protected]](mailto:[email protected]) with the details of the vulnerability. In your report, please include: | ||
|
|
||
| - A detailed description of the vulnerability. | ||
| - Steps to reproduce the issue. | ||
| - Any potential impact or exploit scenarios. | ||
|
|
||
| ## Supported Versions | ||
|
|
||
| The following versions of EdgeSQL Shell are currently being supported with security updates: | ||
|
|
||
| | Version | Supported | | ||
| | ------- | ------------------ | | ||
| | 1.x | :white_check_mark: | | ||
| | < 1.0 | :x: | | ||
|
|
||
| ## Security Updates | ||
|
|
||
| We will notify users of security updates through our GitHub repository and release notes. It is recommended to always use the latest version of EdgeSQL Shell to benefit from the latest security fixes. | ||
|
|
||
| ## Security Best Practices | ||
|
|
||
| To help ensure the security of your EdgeSQL Shell installation, please follow these best practices: | ||
|
|
||
| - **Keep Software Up-to-Date**: Always use the latest version of EdgeSQL Shell. | ||
| - **Review Dependencies**: Regularly check for and update dependencies to ensure they are free of known vulnerabilities. | ||
| - **Use Strong Passwords**: Ensure that all passwords used in your environment are strong and unique. | ||
| - **Limit Access**: Restrict access to the minimum necessary users and services. | ||
| - **Regular Audits**: Perform regular security audits of your system and environment. | ||
|
|
||
| ## Responsible Disclosure | ||
|
|
||
| We believe in responsible disclosure of vulnerabilities. If you report a vulnerability, we request that you: | ||
|
|
||
| - Allow us a reasonable amount of time to resolve the issue before disclosing it publicly. | ||
| - Avoid exploiting the vulnerability beyond what is necessary to demonstrate it. | ||
| - Respect our users' data and privacy during your investigation. | ||
|
|
||
| We appreciate your efforts to keep EdgeSQL Shell secure and will acknowledge your contributions in our release notes. | ||
|
|
||
| Thank you for helping to improve the security of EdgeSQL Shell! | ||
|
|
||
| ## Contact | ||
|
|
||
| If you have any questions or need further assistance, please contact us at [[email protected]](mailto:[email protected]). |