If you discover a security issue, please bring it to our attention right away!
The ADT Bundle Builder builds an Eclipse with ADT and additional ABAP plug-ins. It is therefore relying 100% on other software. As the IDE is still going to be used in a crucial step in the software development process, I take security serious.
If you find a security issue, please check with the provider of the used software. This can be:
- GruntJS
- Eclipse
- SAP for ADT
- Any other ADT add-on provider (SAP or open source)
- ...
Only the latest released version is supported regarding security findings. The latest released version is also determined by the latest Eclipse release. A fixed version will be published to a supported release only.
Please DO NOT file a public issue to report a security vulberability. Use instead the GH Repo report a security in private feature. This will help ensure that any vulnerabilities that are found can be disclosed responsibly to any affected parties.
Note: for security issues found in one of the used projects of the ADT bundle builder, please do not report an issue here. Report it at the project for the included component.