If you discover any security vulnerabilities in the XORS project, please report them on our GitHub Security Advisories, which is enabled for the XORS project. We will review and respond to all security advisories as soon as possible.
If you are unsure whether or not a vulnerability is security-related, please submit it anyway. We would rather have a few duplicate reports than miss a serious vulnerability. Please do not report security vulnerabilities on the public issue tracker.
Only the latest version of XORS is currently being supported with security updates. We recommend that you always use the latest version of XORS to ensure that you have the latest security updates.
We take security seriously and have implemented the following measures to protect the XORS project:
- Regular code reviews
- Automated testing
- Secure coding practices
- Vulnerability scanning
We kindly request that you follow responsible disclosure practices when reporting security vulnerabilities. This includes:
- Providing detailed information about the vulnerability
- Allowing us a reasonable amount of time to address the issue before disclosing it publicly
- Not exploiting the vulnerability or causing any harm to the project or its users
Thank you for your cooperation in keeping the XORS project secure.