Skip to content

Security: middag-io/middag-php-ui

Security

SECURITY.md

Security Policy

Supported Versions

middag-io/ui is on the 1.x line. Only the newest release receives security fixes — there are no long-term support branches, and upgrading to the latest 1.x release is the supported remediation path.

Version Supported
Latest 1.x release
Older releases

During 1.x the public API is still consolidating — a minor release may carry a documented breaking change. We recommend tracking the latest release so you receive security and bug fixes promptly.

Reporting a Vulnerability

If you discover a security vulnerability, please report it privately by email to michael@middag.io.

Do not open public GitHub issues, pull requests, or discussions for security problems. Public disclosure before a fix is available puts all users at risk.

Please include as much detail as you can:

  • A description of the vulnerability and its potential impact.
  • Steps to reproduce, or a proof of concept.
  • Affected version(s) and any relevant environment details.

What to expect

  • Acknowledgement: We aim to acknowledge your report within a few business days.
  • Coordinated disclosure: We follow responsible (coordinated) disclosure. We will work with you to understand and address the issue before any public disclosure, and we ask that you keep the report confidential until a fix has been released.
  • Credit: If you would like recognition for your report, we are happy to credit you once the issue is resolved. Let us know your preference.

Thank you for helping keep middag-io/ui and its users safe.

There aren't any published security advisories