Skip to content

Security: hdresearch/shepherd

Security

SECURITY.md

Security Policy

We take the security of Shepherd seriously. Thank you for helping keep the project and its users safe.

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Instead, report them privately through GitHub's private vulnerability reporting:

  1. Go to the Security tab of this repository.
  2. Click "Report a vulnerability" to open a private security advisory.

Please include as much of the following as you can:

  • A description of the vulnerability and its potential impact
  • Steps to reproduce, or a proof-of-concept
  • Affected versions, components, or configurations
  • Any suggested mitigation, if you have one

What to expect

  • We will acknowledge your report as soon as we can and keep you informed as we investigate.
  • Once a fix is released, we are happy to credit you in the advisory unless you prefer to remain anonymous.
  • Please give us a reasonable opportunity to address the issue before any public disclosure.

Supported Versions

Shepherd is in active pre-1.0 development. Security fixes are applied to the latest release tracking the main branch.

There aren't any published security advisories