The following table shows which versions of the TaskEncher project are currently being supported with security updates:
| Version | Supported |
|---|---|
| 5.1.x | ✅ |
| 5.0.x | ❌ |
| 4.0.x | ✅ |
| < 4.0 | ❌ |
To report a vulnerability in TaskEncher, please follow these steps:
- Visit the TaskEncher repository and locate the "Issues" tab.
- Click on "New issue" and choose the appropriate template for reporting a security vulnerability.
- Provide a detailed description of the vulnerability, including any relevant steps to reproduce, potential impact, and suggested mitigation measures.
- Submit the issue and wait for a response from the project maintainers.
Once a vulnerability has been reported, you can expect the following:
- The maintainers will acknowledge receipt of the report within 48 hours.
- They will investigate the reported vulnerability and work on a fix or mitigation strategy.
- You will receive regular updates on the progress of addressing the vulnerability, at least once a week.
- If the vulnerability is accepted, the maintainers will release a patch or update to address it, along with proper credit given to the reporter.
- If the vulnerability is declined, the maintainers will provide a clear explanation of their decision.
- Please note that public disclosure of the vulnerability before the maintainers have addressed it may result in immediate disqualification from any acknowledgments or rewards.