Skip to content

Security: mdtazizulislam/zonforge-platform

Security

SECURITY.md

Security Policy

Platform status: Production-Oriented Platform Under Active Development

Scope

This file defines how to report potential security vulnerabilities in this repository and how reports are handled.

Implementation-oriented security notes live in docs/SECURITY.md.

Supported Branch

  • main is the supported branch for security fixes and disclosure coordination.

Reporting a Vulnerability

If you believe you found a vulnerability:

  1. Do not publish exploit details publicly before maintainers review.
  2. Open a GitHub issue with minimal sensitive detail and label it as security-related.
  3. Include reproducible steps, affected paths, and impact assessment.
  4. If sensitive data must be shared, keep the public issue minimal and coordinate follow-up with maintainers.

Current disclosure path in this repository:

  • GitHub Issues in this repository

No dedicated external security mailbox is declared in this repository at this time.

What to Include

  • Affected component or path
  • Preconditions
  • Reproduction steps
  • Potential impact
  • Suggested mitigation (if known)

Response Commitment

Maintainers will triage and classify reports as quickly as possible.

Detailed workflow is documented in docs/SECURITY_RESPONSE_PROCESS.md.

Repository Security Notes

Product security features and controls are documented separately from disclosure workflow. See docs/SECURITY.md for implementation-oriented security notes.

There aren't any published security advisories