mirror of
https://github.com/spalencsar/bearwave.git
synced 2026-07-06 22:24:17 +02:00
docs: add CODE_OF_CONDUCT.md and SECURITY.md
This commit is contained in:
25
SECURITY.md
Normal file
25
SECURITY.md
Normal file
@@ -0,0 +1,25 @@
|
||||
# Security Policy
|
||||
|
||||
BearWave is currently in a public beta phase. Security reports are very welcome and should be handled carefully, especially since BearWave processes external internet radio streams and metadata.
|
||||
|
||||
## Supported Versions
|
||||
|
||||
During the beta phase, security fixes target the latest code on `main` and the most recent published release when practical.
|
||||
|
||||
Older releases are not guaranteed to receive backported fixes. Users should update to the latest available release after a security fix is published.
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
Please **do not** open a public issue for a vulnerability before it has been reviewed.
|
||||
|
||||
Preferred reporting path:
|
||||
|
||||
1. Use GitHub's private vulnerability reporting / security advisory feature for this repository, if available.
|
||||
2. If private reporting is not available, contact the maintainer through GitHub and request a private disclosure channel.
|
||||
|
||||
Include as much detail as possible:
|
||||
|
||||
- Affected BearWave version or commit SHA
|
||||
- Operating system and desktop environment
|
||||
- Steps to reproduce the issue
|
||||
- Potential impact of the vulnerability
|
||||
Reference in New Issue
Block a user