875 B
875 B
Security Policy — ${REPO_NAME}
Reporting a Vulnerability
Do NOT open a public issue for security vulnerabilities.
Instead, please report vulnerabilities privately:
- Email: security@hiddenden.cafe (preferred)
- Or use the Gitea "Security" issue template which reminds reporters to use private channels.
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We aim to acknowledge reports within 48 hours and provide a fix or mitigation plan within 7 days for critical issues.
Supported Versions
| Version | Supported |
|---|---|
| latest | Yes |
Security Scanning
This repository optionally runs automated security scanning via Gitea Actions.
To enable it, set ENABLE_SECURITY=true in .ci/config.env.
See docs/SECURITY.md for details.