At Thalia, we take security vulnerabilities seriously. If you discover a security issue within the project, please report it to us promptly. We appreciate your efforts in helping us maintain the security of our software. 🛡️
To report a vulnerability, please follow these steps:
- Privately Notify Us: Send an email to [email protected] with details about the vulnerability. Please avoid disclosing the issue publicly until it has been resolved.
- Provide Details: Include as much information as possible about the vulnerability, including steps to reproduce it and any potential impact.
- Be Patient: We will acknowledge your report as soon as possible and work towards addressing the issue in a timely manner. ⏳
The following guidelines outline the scope of our security policy:
- In Scope: Any security vulnerabilities discovered within the Thalia project itself, including its codebase, dependencies, and infrastructure.
- Out of Scope: Security issues related to third-party services, websites, or applications not directly maintained by Thalia. 🚫
We kindly request that you follow responsible disclosure practices when reporting security vulnerabilities to us. This includes:
- Providing reasonable time for us to investigate and address the reported vulnerability before disclosing it to others.
- Avoiding any actions that could potentially harm the project or its users.
- Refraining from sharing details of the vulnerability publicly until it has been resolved and a fix has been released. 🤝
We appreciate your cooperation in helping us maintain the security of the Thalia project. 🙏
We would like to thank all security researchers and contributors who responsibly disclose security vulnerabilities and help us improve the security of Thalia.
Thank you for your support! 🌟