Skip to content

Commit 421e2ab

Browse files
jcdcdevjcdcdev
committed
doc: Update security policy
1 parent 22dd49c commit 421e2ab

File tree

1 file changed

+55
-0
lines changed

1 file changed

+55
-0
lines changed

SECURITY.md

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
# Security Policy
2+
3+
## Supported Versions
4+
5+
The following table outlines the versions of the project that are currently supported with security & feature updates:
6+
7+
> [!NOTE]
8+
> Once a version starts its security phase, it will no longer receive feature updates. Only critical bug fixes and security updates will be provided.
9+
10+
| Package Version | Umbraco Version | Security Phase Start | End of Life |
11+
| ---------------------------------------------------------------------------------- | --------------- | -------------------- | ----------- |
12+
| [15.x](https://github.com/jcdcdev/Umbraco.Community.SimpleTrees/tree/v15) | 15 | 2025-08-14 | 2025-11-14 |
13+
| [16.x](https://github.com/jcdcdev/Umbraco.Community.SimpleTrees/tree/v16) | 16 | 2026-03-12 | 2026-06-12 |
14+
15+
16+
## Future Support
17+
18+
Project maintainers plan to support all STS (Short-Term Support) and LTS (Long-Term Support) versions of Umbraco. However, exact release dates cannot be guaranteed.
19+
20+
> [!NOTE]
21+
> Visit [jcdc.dev/blog/umbraco-version-information](https://jcdc.dev/blog/umbraco-version-information) for more information on Umbraco versions.
22+
23+
## Reporting a Vulnerability
24+
25+
If you discover a vulnerability in this project, please follow one of these steps to report it:
26+
27+
- Create an [issue](https://github.com/jcdcdev/Umbraco.Community.SimpleTrees/security/advisories/new)
28+
- Contact the project author privately at [jcdc.dev/contact](https://jcdc.dev/contact)
29+
30+
### Details
31+
32+
Include as much information as possible about the vulnerability, including:
33+
34+
- Steps to reproduce
35+
- Potential impact
36+
- Any suggested fixes
37+
38+
### Acknowledgment
39+
40+
You will receive an acknowledgment of your report as soon as possible.
41+
42+
> [!NOTE]
43+
> Response times may vary depending on other commitments.
44+
45+
### Resolution
46+
47+
Once the vulnerability is confirmed, project maintainers will work to resolve it as quickly as possible.
48+
49+
You will be notified once the issue has been resolved or rejected.
50+
51+
> [!TIP]
52+
> If the vulnerability is accepted, you will receive credit in the release notes.
53+
54+
Thank you for helping to keep this project secure!
55+

0 commit comments

Comments
 (0)