We actively support the following versions with security updates:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
If you discover a security vulnerability in CodeOptiX, please report it to us as follows:
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report security vulnerabilities by emailing [email protected].
Include the following information in your report:
- A description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Any suggested fixes or mitigations
We will acknowledge your report within 48 hours and provide a more detailed response within 7 days indicating our next steps.
We kindly ask that you give us reasonable time to fix the issue before disclosing it publicly. We will work with you to ensure that any disclosure is coordinated and includes appropriate credit.
Security updates will be released as patch versions and will be announced through:
- GitHub Security Advisories
- Release notes on GitHub
- Security mailing list (if applicable)
When using CodeOptiX, follow these security best practices:
- Keep your dependencies up to date
- Use strong API keys and store them securely
- Regularly audit your code for security issues
- Monitor for unusual activity in your evaluations
For general security questions or concerns, please email [email protected].