The Keymaster team takes security seriously. We appreciate your efforts to responsibly disclose your findings, and we will make every effort to acknowledge your contributions.
As a small and actively developed project, we do not have the resources to provide security updates for older versions. Therefore, only the latest stable release of Keymaster is supported.
| Version | Supported |
|---|---|
| >= 1.5.0 | ✅ |
| < 1.5.0 | ❌ |
We encourage all users to run the latest version of the software by updating with:
go install github.com/toeirei/keymaster/cmd/keymaster@latest
If you believe you have found a security vulnerability in Keymaster, please do not open a public issue on GitHub.
Instead, we ask you to send a private email to [email protected].
Please include the following details in your report:
- A description of the vulnerability and its potential impact.
- Steps to reproduce the issue, including any specific configurations or prerequisites.
- The version of Keymaster you are using.
- Any proof-of-concept code or scripts, if possible.
We will do our best to respond to your report within 48 hours and will work with you to understand and resolve the issue. We will not disclose your report publicly until a fix is available and has been coordinated with you.
Thank you for helping to keep Keymaster secure.