Security: ManuelGil/nspin

docs/SECURITY.md

SECURITY.md

At nspin, we take security very seriously. This document outlines our security policy, explains the types of issues we address, and provides guidelines for reporting vulnerabilities. Our goal is to ensure a secure experience for all users.


Index

  • SECURITY.md
    • Index
    • Supported Versions
    • Reporting a Vulnerability
    • Our Response Process
    • Security Best Practices
    • Additional Resources

Supported Versions

We actively support the latest version of nspin. If you discover a vulnerability in an older, unsupported version, please upgrade to the latest release and verify whether the issue persists.


Reporting a Vulnerability

If you discover a security vulnerability in nspin, please follow these guidelines:

  1. Do Not Create a Public Issue: Avoid public disclosure of vulnerabilities as it may expose the issue to malicious parties. Instead, report the vulnerability privately.

  2. Contact Us Securely: Send an email with your report to: security@imgil.dev

  3. Include the Following Information:

    • Description: A clear and detailed description of the vulnerability.
    • Reproduction Steps: Step-by-step instructions to reproduce the issue, including any relevant code samples or configuration details.
    • Environment Details: Information about your environment, such as:
      • Node.js version (ensure it's Node.js v22+)
      • Operating system and version
      • nspin version in use
    • Impact: Describe the potential impact of the vulnerability.
    • Logs and Screenshots: Any error messages, logs, or screenshots that can help diagnose the issue.
    • Contact Information: Your email or other preferred contact details (optional, if you agree to be contacted for further clarification).

Our Response Process

  • Acknowledgment: We will acknowledge receipt of your report within 72 hours.

  • Investigation: Our security team will investigate the reported issue promptly and work on a fix if necessary.

  • Resolution and Disclosure: Once a vulnerability is confirmed and a fix is implemented, we will release an update and provide public disclosure of the issue. We will give appropriate credit to the reporter if desired.


Security Best Practices

  • Keep Software Updated: Always run the latest version of nspin and update your Node.js environment regularly.

  • Monitor Vulnerabilities: Stay informed about potential vulnerabilities in your dependencies and follow security advisories.

  • Use Secure Coding Practices: Review and adhere to security best practices when integrating nspin into your projects.


Additional Resources


Thank you for helping us make nspin a secure and reliable tool.

There aren't any published security advisories