49b9bb6724
Deploy Docs / deploy-docs (push) Failing after 1s
Conformance Tests / client-conformance (push) Failing after 3s
Conformance Tests / server-conformance (push) Failing after 1s
GitHub Actions Security Analysis / zizmor (push) Failing after 1s
CI / checks (push) Failing after 59m20s
CI / all-green (push) Waiting to run
31 lines
1.1 KiB
Markdown
31 lines
1.1 KiB
Markdown
# Security Policy
|
|
|
|
Thank you for helping keep the Model Context Protocol and its ecosystem secure.
|
|
|
|
## Supported Versions
|
|
|
|
Security fixes are released for the most recent stable (v1.x) release line.
|
|
|
|
v2 pre-releases (`2.0.0aN`, …) are development snapshots: fixes land only in
|
|
the newest pre-release, and already-published pre-releases are not patched. If
|
|
you are testing the v2 line, track the latest pre-release; for production use,
|
|
stay on the latest stable release.
|
|
|
|
## Reporting Security Issues
|
|
|
|
If you discover a security vulnerability in this repository, please report it through
|
|
the [GitHub Security Advisory process](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability)
|
|
for this repository.
|
|
|
|
Please **do not** report security vulnerabilities through public GitHub issues, discussions,
|
|
or pull requests.
|
|
|
|
## What to Include
|
|
|
|
To help us triage and respond quickly, please include:
|
|
|
|
- A description of the vulnerability
|
|
- Steps to reproduce the issue
|
|
- The potential impact
|
|
- Any suggested fixes (optional)
|