We actively support security updates for the following versions:
| Version | Supported |
|---|---|
| Latest | ✅ |
| < Latest | ❌ |
If you discover a security vulnerability in Rote, please report it to us responsibly. We take security issues seriously and will address them promptly.
Please email security concerns to: rabithua@gmail.com (or create a private security advisory on GitHub)
When reporting a security vulnerability, please include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes (if you have them)
We commit to:
- Initial Response: Within 48 hours of receiving your report
- Status Update: Within 7 days with an assessment
- Resolution: As quickly as possible, depending on the severity
- We will work with you to understand and resolve the issue quickly
- We will notify you when the vulnerability has been fixed
- We will credit you for the discovery (unless you prefer to remain anonymous)
- We will not disclose the vulnerability publicly until a fix is available
When using Rote:
- Keep your installation up to date
- Use strong passwords and enable authentication
- Regularly review and update your API keys
- Follow the deployment guidelines in our documentation
- Keep your database and dependencies updated
Thank you for helping keep Rote and its users safe!