Skip to content

Security: coreydaley/.github

Security

Report a vulnerability

SECURITY.md

Security Policy

Supported versions

Security fixes are applied to the latest release only. Older versions are not backported unless otherwise noted in the repository.

Reporting a vulnerability

Please do not report security vulnerabilities through public GitHub issues.

Instead, email corey@coreydaley.dev with:

  • A description of the vulnerability and its potential impact
  • Steps to reproduce or proof-of-concept code
  • Any suggested mitigations, if known

You can expect an acknowledgement within 48 hours and a status update within 7 days. If the issue is confirmed, a fix will be coordinated before any public disclosure.

Scope

This policy covers all public repositories under @coreydaley that do not define their own SECURITY.md.

Disclosure policy

Once a fix is available, a security advisory will be published via GitHub's Security Advisories feature. Credit will be given to reporters who request it.

There aren’t any published security advisories