Merge branch 'master' of github.com:quasarframework/proton

2019-07-13 20:26:39 +03:00 · 2019-07-13 20:26:39 +03:00 · 42f9f16b7a
parent b49c1aa6f0 8a69171b53
commit 42f9f16b7a
1 changed files with 33 additions and 0 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,33 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+
+## Reporting a Vulnerability
+
+If you have found a potential security threat, vulnerability or exploit in Quasar
+or one of its upstream dependencies, please DON’T create a pull-request, DON’T
+file an issue on GitHub, DON’T mention it on Discord and DON’T create a forum thread.
+
+DO reach out to the team by sending an email to security@quasar.dev - we
+will investigate and work with you to triage this issue and help you to report it
+if appropriate. At the current time we do not have the financial ability to reward
+bounties, but in extreme cases will at our discretion consider a reward.
+
+## Security Audit
+
+You can apply to book the Quasar team’s security experts to perform a Security Audit
+for your project. Contact us to find out more about how to acquire, validate and publish
+an official timestamped and version-locked audit badge.
+
+security@quasar.dev
+
+## Security Documentation
+
+https://quasar.dev/security/