This section outlines the versions of NotaBeen that are currently supported with security updates. We highly recommend using a supported version to ensure you receive critical security patches.
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1 | ❌ |
We will announce any changes to our support policy via a new release and on our GitHub repository.
We take security vulnerabilities very seriously and appreciate the community's effort in responsibly disclosing them.
How to Report:
- Do not open a public GitHub issue.
- Please report all security vulnerabilities by sending a private message on LinkedIn to Curtis Thomas:
- In your report, include a detailed description of the vulnerability, the steps to reproduce it, and the potential impact. If possible, provide a proof-of-concept or a link to a private repository demonstrating the issue.
What to Expect:
- Initial Response: We will acknowledge your message within 48 hours of receiving it.
- Assessment: Our team will investigate the reported vulnerability. This process may take up to 5 business days, depending on the complexity of the issue. We will keep you updated on our progress.
- Resolution: Once the vulnerability is verified and a fix is ready, we will coordinate with you to determine a responsible disclosure timeline. We aim to release a patch as soon as possible.
- Public Disclosure: After the fix is deployed, we will create a public announcement on our GitHub repository detailing the vulnerability and crediting the reporter (unless you wish to remain anonymous).
We are committed to working with security researchers to ensure the safety and integrity of NotaBeen for all users.