Report Security Issues
Security is paramount for Astroluma. Learn how to report vulnerabilities and help us maintain a secure platform.
Supported Versions
The current version, along with the previous minor versions and the last five releases, are actively supported. Any versions older than these, including those from the previous major release, are no longer maintained or monitored, so their security cannot be guaranteed.
Reporting a Security Issue
If you believe you've discovered a critical issue, please email me at [email protected]. Security reports are treated with high priority, and you can expect a response within 48 hours.
For non-critical issues, please raise an issue on the GitHub repository and include the following details to help us address the problem effectively:
Type of Issue
Specify the nature of the issue (e.g., buffer overflow, SQL injection, cross-site scripting, etc.)
Source File Details
Provide the full paths of the source file(s) where the issue is observed
Code Location
Mention the relevant tag, branch, commit, or provide a direct URL to the affected code
Configuration Details
List any special configurations needed to reproduce the issue
Reproduction Steps
Include clear, step-by-step instructions to replicate the issue
Proof-of-Concept
Attach proof-of-concept or exploit code, if available
Impact
Explain the potential impact of the issue and describe how an attacker might exploit it
This information will help us assess and resolve the issue promptly.
Please refrain from raising issues in this repository related to ReactJS. We are already using the latest versions of these dependencies, so any problems should be directed to the React team. The same applies to other development dependencies, as they are also up-to-date.