mirror of
https://github.com/inventree/InvenTree.git
synced 2025-05-04 14:28:48 +00:00
0a0d151f15
* Create SECURITY.md Add a security disclosure policty document (cherry picked from commit 35b7d51cf20b2e80ddbb7a337e8ab472a6f36300) * Adds desired target for resolution (cherry picked from commit 828163848aedd40d5007f1830fcd0fc800647841)
18 lines
791 B
Markdown
18 lines
791 B
Markdown
# Security Policy
|
|
|
|
The InvenTree team take all security vulnerabilities seriously. Thank you for improving the security of our open source software.
|
|
We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Please report security vulnerabilities by emailing the InvenTree team at:
|
|
|
|
```
|
|
security@inventree.org
|
|
```
|
|
|
|
Someone from the InvenTree development team will acknowledge your email as soon as possible, and indicate the next steps in handling your security report.
|
|
|
|
|
|
The team will endeavour to keep you informed of the progress towards a fix for the issue, and subsequent release to the stable and development code branches. Where possible, the issue will be resolved within 90 dates of reporting.
|