Security Policy
Supported Versions​
| Version | Supported |
|---|---|
| 0.0.x | ✅ |
Reporting a Vulnerability​
We take the security of Duck-UI seriously. If you have discovered a security vulnerability, please report it to us as described below.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them directly to the project maintainer at [email protected]
Please include the following information:
- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
- Full paths of source file(s) related to the manifestation of the issue
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Proof-of-concept or exploit code (if possible)
- Impact of the issue, including how an attacker might exploit the issue
This information will help us triage your report more quickly.
Preferred Languages​
We prefer all communications to be in English, but are also able to understand Portuguese and Spanish.
Policy​
- We will respond to your report within the fastest time possible, acknowledging your report and letting you know the next steps.
- If you have followed the instructions above, we will not take any legal action against you in regard to the report.
- We will keep you informed of the progress towards resolving the problem.
- If you have acted in good faith, we will publicly acknowledge your responsible disclosure, if you wish.
Thank you for helping keep Duck-UI and our users safe!