We are committed to maintaining the security and stability of our software.
If you discover a security vulnerability within this repository, please follow these steps:
-
Do Not Disclose Publicly: Please do not disclose the vulnerability publicly until we have had the chance to address it.
-
Contact Us: Send an email to the maintainers at [email protected] with the following details:
- Description of the vulnerability.
- Steps to reproduce the vulnerability.
- Potential impact of the vulnerability.
- Any known mitigations.
-
Resolution Process: We aim to address critical vulnerabilities within ASAP, and non-critical issues within 30 days. After the issue is resolved, we will release a security patch and will publicly disclose the vulnerability with attribution to the reporter (if they wish).
While we strive to ensure our code is secure, here are some best practices for users of our plugin:
- Always use the latest version of the plugin.
- Regularly check for updates and apply them promptly.
- Review the plugin's configuration and permissions settings to ensure they meet your security requirements.
- Monitor your Mattermost instance for any unusual activity.
For more information about security in Mattermost, please refer to Mattermost Security Overview
Thank you for helping to keep our community safe!
For any other security-related inquiries or concerns, please contact us at [email protected].