Skip to content

Security: developersIndia/deviras

Security

SECURITY.md

Security

At developersIndia we take the security of our community-maintained Free & Open-Source Software (FOSS) seriously, which includes all source code repositories managed through our GitHub organizations.

If you believe you have found a security vulnerability in any developersIndia-maintained repository that look like a breach of a security vulnerability to you, please report it to us as described below.

Reporting Security Issues

Each project maintained under the developersIndia GitHub Org banner has it own specific repository hosted on GitHub. And each of those repositories has it's Issue/Discussion enabled to promote community discussions, further product enhancements, bug reports, etc within the community. As such we request you to utilize that platform to report any security vulnerability as well.

Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:

  • Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
  • Full paths of source file(s) related to the manifestation of the issue
  • The location of the affected source code (tag/branch/commit or direct URL)
  • Any special configuration required to reproduce the issue
  • Step-by-step instructions to reproduce the issue
  • Proof-of-concept or exploit code (if possible)
  • Impact of the issue, including how an attacker might exploit the issue

This information will help us triage your report more quickly.

Preferred Languages

We prefer all communications on GitHub to be in English. If you're comfortable communicating in a language other than English & one which is widely spoken across the Indian subcontinent, please reach out to the maintainers of the respectic projects and/or the moderators of either the Discord/Reddit platforms.

There aren’t any published security advisories