| # Security Policy | |
| ## Supported Versions | |
| | Version | Supported | | |
| | ------- | ------------------ | | |
| | 0.0.x | :x: | | |
| ## 🔒️ Reporting a Vulnerability | |
| If you have identified a security vulnerability in system or product please `RayVentura` with your findings. We strongly recommend using our `PGP key` to prevent this information from falling into the wrong hands. | |
| ### Disclosure Policy | |
| Upon receipt of a security report the following steps will be taken: | |
| - Acknowledge your report within 48 hours, and provide a further more detailed update within 48 hours. | |
| - Confirm the problem and determine the affected versions | |
| - Keep you informed of the progress towards resolving the problem and notify you when the vulnerability has been fixed. | |
| - Audit code to find any potential similar problems. | |
| - Prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible. | |
| - Handle your report with strict confidentiality, and not pass on your personal details to third parties without your permission. | |
| Whilst the issue is under investigation | |
| - **Do** provide as much information as possible. | |
| - **Do not** exploit of the vulnerability or problem you have discovered. | |
| - **Do not** reveal the problem to others until it has been resolved. | |