The following versions of AniSensei are currently supported with security updates:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.x.x | ❌ |
If you discover a security vulnerability within AniSensei, please follow the guidelines below to responsibly disclose it:
- Contact us directly: Do not disclose the vulnerability publicly before discussing it with us. You can report vulnerabilities via our dedicated email: security@anisensei.com.
- Provide detailed information: Include as much information as possible in your report. This should include:
- Steps to reproduce the vulnerability
- A detailed description of the security flaw
- The potential impact and any proof-of-concept (PoC) exploits
- Versions affected
- Response time: We aim to respond to all reports within 48 hours. Upon confirming the issue, we will work to address the vulnerability as quickly as possible. You will be kept updated during this process.
- Disclosure policy: After we release a fix, we will disclose the vulnerability details to the public responsibly, crediting the reporter if they desire.
When contributing to AniSensei, please adhere to the following security practices:
- Ensure secure coding practices, including proper validation, sanitation, and encryption.
- Keep dependencies up to date. Review and monitor for any security issues in external libraries.
- Use security tools and linters to detect vulnerabilities early in development.
- Report any suspicious behavior in the application or among the contributors.
Thank you for helping us maintain the security of AniSensei!