Skip to content

Security: Coding-Dev-Tools/devforge

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in any DevForge tool, please report it responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Instead, please:

  1. Email security concerns to the maintainers via GitHub's security advisory feature
  2. Use GitHub's private vulnerability reporting feature
  3. Include a clear description of the vulnerability and steps to reproduce

Response Timeline

  • Acknowledgment: Within 48 hours
  • Initial Assessment: Within 5 business days
  • Resolution: Depends on severity, critical issues prioritized

Supported Versions

We support the latest release of each tool. Please update to the latest version before reporting issues.

Security Best Practices

  • Never commit secrets, API keys, or credentials
  • Use environment variables for sensitive configuration
  • Report any discovered credentials in source code immediately

Thank you for helping keep DevForge secure.

There aren't any published security advisories