mirror_php/LinkAce
1
0
Fork 0
mirror of https://github.com/Kovah/LinkAce.git synced 2025-02-23 10:43:41 +01:00
Code Issues Releases Wiki Activity
LinkAce/SECURITY.md
Kovah 24a1fcb845
Add notice about bug bounties
2022-12-15 00:16:21 +01:00

42 lines
2.2 KiB
Markdown
Raw Blame History

# Security Policy
## Supported Versions
There is no warranty for the program, to the extent permitted by applicable law. Except when otherwise stated in
writing the copyright holders and/or other parties provide the program "as is" without warranty of any kind,
either expressed or implied, including, but not limited to, the implied warranties of merchantability and fitness for
a particular purpose. The entire risk as to the quality and performance of the program is with you. Should the program
prove defective, you assume the cost of all necessary servicing, repair or correction.
In no event unless required by applicable law or agreed to in writing will any copyright holder, or any other party who
modifies and/or conveys the program as permitted above, be liable to you for damages, including any general, special,
incidental or consequential damages arising out of the use or inability to use the program (including but not limited
to loss of data or data being rendered inaccurate or losses sustained by you or third parties or a failure of the
program to operate with any other programs), even if such holder or other party has been advised of the possibility
of such damages.
| Version | Supported |
| ------- | ------------------ |
| 0.x | :x: |
| 1.x | :white_check_mark: |
### Support for PHP versions
The PHP version supported by LinkAce is the oldest version of PHP that is still **officially supported** in terms of
security fixes. You can check the currently supported versions on [php.net](https://www.php.net/supported-versions.php).
## Reporting a Vulnerability
All dependencies are updated regularly, security fixes for those dependencies are released as fast as possible.
If you discover a security vulnerability, please contact me directly via `contact [at] linkace [dot] org`. Those
vulnerabilities are addressed as fast as possible.
### Bug Bounties
The LinkAce project offers bug bounties for finding critical security vulnerabilities. Bounties are paid from the funds
available in the [Open Collective account](https://opencollective.com/linkace). Please notice that the actual paid
amounts are subject to negotiation and depend on the severity of the vulnerability.
Reference in New Issue View Git Blame Copy Permalink