Security updates are currently provided for the latest code available on the main branch.
| Version | Supported |
|---|---|
| main | ✅ Yes |
To report a security vulnerability in LecturePulse, please contact the maintainer through one of the following channels:
- 👤 Maintainer Profile: Github
- 💬 Contact the maintainer through any social links listed on the GitHub profile
Please do not open a public GitHub issue for security vulnerabilities.
| Action | Timeframe |
|---|---|
| Acknowledgement of report | Within 48 hours |
| Status update | Within 7 days |
| Patch / fix release | Within 30 days |
We follow a responsible disclosure policy:
- Please report vulnerabilities privately before any public disclosure
- We request an embargo period of 30 days to investigate and patch the issue
- After a fix is released, you are welcome to publish your findings
- We will credit reporters in release notes unless anonymity is requested
- We deeply appreciate the efforts of security researchers and contributors who help keep the project secure 🙏
- A clear description of the vulnerability
- Steps to reproduce the issue
- Affected versions or components
- Potential impact assessment
- Proof of concept, screenshots, or logs (if applicable)
- Any suggested fix (optional but appreciated)
- LecturePulse Repository: https://github.com/rishima17/LecturePulse
- GitHub Security Advisories: https://docs.github.com/en/code-security/security-advisories
- OWASP Vulnerability Disclosure Cheat Sheet: https://owasp.org/www-community/Vulnerability_Disclosure_Cheat_Sheet
- Adding a Security Policy to Your Repository: https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository