If you discover a security vulnerability in NotifyHub, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
Instead, please email: gabrielbbaldez@gmail.com
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Assessment: Within 1 week
- Fix: Depends on severity (critical: ASAP, high: 2 weeks, medium: next release)
| Version | Supported |
|---|---|
| 0.9.x | Yes |
| < 0.9 | No |
This policy covers the NotifyHub library code. Third-party APIs and services (Twilio, Discord, Slack, etc.) have their own security policies.