Files
bearwave-mac/SECURITY.md
2026-06-25 09:48:58 +02:00

1.1 KiB

Security Policy

Supported Versions

This repository is currently in an early alpha stage.

Security fixes are expected on:

  • the current main branch
  • the newest tagged pre-release, when one exists

Older snapshots may not receive backported fixes.

Reporting a Vulnerability

Please do not open a public issue for a suspected security problem before the maintainer has had a chance to assess it.

Preferred process:

  1. Report the issue privately through your forge's private reporting workflow, if available.
  2. If private reporting is not available, contact the maintainer through the repository owner profile first.
  3. Include:
    • affected version or commit
    • reproduction steps
    • impact
    • any workaround, if known

Scope

Relevant security reports include:

  • credential or token leakage
  • unsafe network handling
  • update or packaging integrity issues
  • sandbox, entitlement, or macOS permission mistakes
  • malicious or unintended code execution paths

Reports that are only stream-quality, broken station metadata, or ordinary playback bugs should go through the normal issue tracker.