You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We currently support the latest stable version of Gokapi. Security updates are provided on a best-effort basis for the most recent release.
6
+
7
+
| Version | Supported |
8
+
| ------- | ------------------ |
9
+
| Latest | ✅ |
10
+
| Older | ❌ |
11
+
12
+
## Reporting a Vulnerability
13
+
14
+
If you discover a security vulnerability in Gokapi, please **do not open a public issue**.
15
+
16
+
Instead, use GitHub’s [**"Report a vulnerability"**](https://github.com/Forceu/Gokapi/security/advisories/new) feature on this repository. This ensures your report stays private and will be reviewed promptly by the maintainers.
17
+
18
+
To report a vulnerability:
19
+
20
+
1. Go to the **Security** tab of the Gokapi repository.
21
+
2. Click on **"Report a vulnerability"**.
22
+
3. Fill out the form with as much detail as possible.
23
+
24
+
We aim to acknowledge valid reports within **3 business days** and address them as quickly as possible.
25
+
26
+
## Disclosure Policy
27
+
28
+
Once a vulnerability is reported, we will:
29
+
30
+
1. Acknowledge receipt within 72 hours.
31
+
2. Investigate and validate the issue.
32
+
3. Develop a fix or mitigation strategy.
33
+
4. Coordinate a release with credit to the reporter (unless anonymity is requested).
34
+
5. Publish a security advisory via GitHub once the fix is released.
35
+
36
+
## Scope
37
+
38
+
This policy applies to the Gokapi codebase and documentation in this repository. Vulnerabilities in third-party dependencies should be reported to the appropriate maintainers.
0 commit comments