The dinushchathurya/websmslk project maintains release branches for the three most recent minor releases. Applicable fixes, including security fixes, may be backported to those three release branches, depending on severity and feasibility. Please refer to RELEASES.md for details.
Security is of the highest importance and all security vulnerabilities or suspected security vulnerabilities should be reported to websmslk privately, to minimize attacks against current users of dinushchathurya/websmslk before they are fixed. Vulnerabilities will be investigated and patched on the next patch (or minor) release as soon as possible. This information could be kept entirely internal to the project.
If you know of a publicly disclosed security vulnerability for dinushchathurya/websmslk, please IMMEDIATELY contact [email protected] to inform the dinushchathurya/websmslk Security Team.
IMPORTANT: Do not file public issues on GitHub for security vulnerabilities
To report a vulnerability or a security-related issue, please email the private address [email protected] with the details of the vulnerability. The email will be fielded by the Harbor Security Team, which is made up of Harbor maintainers who have committer and release permissions. Emails will be addressed within 3 business days, including a detailed plan to investigate the issue and any potential workarounds to perform in the meantime. Use GitHub issues instead.