Skip to content

Security: endrilickollari/debtdrone-cli

Security

SECURITY.md

Security Policy

Supported Versions

We are committed to fixing security vulnerabilities in the latest major version of DebtDrone CLI.

Version Supported
1.0.x
< 1.0

Reporting a Vulnerability

We take the security of debtdrone seriously. If you believe you have found a security vulnerability in this project, please report it to us immediately.

Please do not report security vulnerabilities through public GitHub issues.

How to Report

If you discover a security issue, please adhere to the following:

  1. Do NOT open a public issue.
  2. Email our security team at lickollariendri@gmail.com.
  3. Provide as much detail as possible, including:
    • The version of debtdrone affected.
    • Steps to reproduce the vulnerability.
    • Sample code or a repository that triggers the issue.

We will acknowledge your report within 48 hours and provide an estimated timeline for the fix.

Response Timeline

  • Triage: We aim to confirm the vulnerability within 3 days.
  • Fix: We will work to patch the vulnerability in a private branch.
  • Release: Once patched, we will release a new version (e.g., 1.0.1) and publish a security advisory.

Thank you for helping keep the DebtDrone ecosystem secure.

There aren't any published security advisories