| Version | Supported |
|---|---|
| 4.1.x | ✅ |
| 4.0.x | ✅ |
| < 4.0 | ❌ |
DO NOT report security vulnerabilities through public GitHub issues.
Instead, please report them via:
- Email:
- GitHub Security Advisories: https://github.com/islero/High-Performance-Backtest.Net/security/advisories/new
When reporting a vulnerability, please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Initial Assessment: Within 1 week
- Resolution Target: Depends on severity
- Critical: 7 days
- High: 14 days
- Medium: 30 days
- Low: 90 days
We follow responsible disclosure:
- Reporter notifies maintainer privately
- Maintainer acknowledges and investigates
- Maintainer develops and tests fix
- Fix is released with security advisory
- Public disclosure after users have time to update
- Always use the latest stable version
- Pin your dependencies with lock files
- Review release notes before updating
- Subscribe to GitHub security advisories for this repo