Security policy
Security vulnerabilities
Do not disclose a vulnerability until a fix is in place.
If you discover a security vulnerability, please report it immediately via email to security@plateforme.io, providing detailed steps to reproduce the issue and include example code when possible like you would for a regular bug report.
-
Our priority
Security is fundamental to Plateforme and our community.
-
Version support
Stay secure with latest features, fixes, and updates.
Reporting a vulnerability
The latest version of Plateforme is supported.
If you think you've discovered a security vulnerability, even if you're not entirely certain about it, we encourage you to report it immediately by emailing security@plateforme.io. To help us investigate effectively:
- Provide detailed steps that would allow us to reproduce the potential security issue
- Include example code demonstrating the vulnerability whenever possible
- Share any additional context or observations that might help us understand the impact and scope
Public discussions
If you believe you've discovered a potential security vulnerability, please refrain from discussing it publicly. A private disclosure allows us to investigate and implement fixes before potential exposure, significantly reducing security risks for all users. Work with us directly through the reporting process outlined above.
Best practices
You are encouraged to keep your project secure by writing tests and updating Plateforme frequently after verifying test success. Each update brings new features, bug fixes, and security patches. Check our documentation for version pinning and upgrade best practices.
Your help in keeping Plateforme secure is invaluable!