mirror of
https://github.com/inventree/InvenTree.git
synced 2025-09-22 18:41:33 +00:00
.devcontainer
.github
.vscode
InvenTree
ci
contrib
deploy
docker
images
.eslintrc.yml
.gitattributes
.gitignore
.gitpod.yml
.pkgr.yml
.pre-commit-config.yaml
CONTRIBUTING.md
Dockerfile
LICENSE
Procfile
README.md
RELEASE.md
SECURITY.md
crowdin.yml
docker-compose.yml
docker.dev.env
package-lock.json
package.json
requirements-dev.in
requirements-dev.txt
requirements.in
requirements.txt
runtime.txt
setup.cfg
tasks.py
18 lines
790 B
Markdown
18 lines
790 B
Markdown
# Security Policy
|
|
|
|
The InvenTree team take all security vulnerabilities seriously. Thank you for improving the security of our open source software.
|
|
We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
Please report security vulnerabilities by emailing the InvenTree team at:
|
|
|
|
```
|
|
security@inventree.org
|
|
```
|
|
|
|
Someone from the InvenTree development team will acknowledge your email as soon as possible, and indicate the next steps in handling your security report.
|
|
|
|
|
|
The team will endeavour to keep you informed of the progress towards a fix for the issue, and subsequent release to the stable and development code branches. Where possible, the issue will be resolved within 90 days of reporting.
|