Skip to content

Security: roryprimrose/Neovolve.Configuration.DependencyInjection

.github/SECURITY.md

Security Policy

Supported versions

Security fixes are provided for the most recently released version of Neovolve.Configuration.DependencyInjection published on NuGet. Please upgrade to the latest release before reporting a vulnerability.

Reporting a vulnerability

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Instead, report them privately using GitHub's private vulnerability reporting. This opens a confidential advisory that only the maintainers can see.

When reporting, please include as much of the following as you can:

  • The affected version(s) and target framework.
  • A description of the vulnerability and its impact.
  • Steps to reproduce, ideally a minimal reproducer or failing test.
  • Any known workarounds.

What to expect

This is a community-maintained open source project without a dedicated 24/7 response team, so please allow a reasonable amount of time for an initial response. We will acknowledge your report, work with you to understand and validate the issue, and coordinate the disclosure timeline with you once a fix is available.

There aren't any published security advisories