Files
wehub-resource-sync 36b3af2e3d
PR Check / Code Quality: Format (push) Failing after 1s
PR Check / Code Quality: Lint (darwin) (push) Failing after 0s
PR Check / Code Quality: Lint (freebsd) (push) Failing after 1s
PR Check / Code Quality: Lint (windows) (push) Failing after 1s
PR Check / Code Quality: Lint (linux) (push) Failing after 1s
PR Check / Security: Vulnerability Scan (push) Failing after 0s
Update Documentation / update-docs (push) Failing after 2s
PR Check / Code Quality: Vendor (push) Failing after 1s
PR Check / Code Quality: Coverage (push) Failing after 0s
PR Check / Tests: Unit (macos-latest) (push) Has been cancelled
PR Check / Tests: Unit (ubuntu-24.04) (push) Has been cancelled
PR Check / Tests: Unit (ubuntu-24.04-arm) (push) Has been cancelled
PR Check / Tests: Unit (windows-latest) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:22:06 +08:00

1.5 KiB
Raw Permalink Blame History

Security Policy

Supported Versions

We currently support the following versions of witr with security updates:

OS Supported
macOS
Linux
Windows
FreeBSD

See our Feature Compatibility Matrix for more details.

Reporting a Vulnerability

We take the security of witr seriously. If you believe you have found a security vulnerability, please report it to us responsibly.

How to report:

Use the "Report a vulnerability" button in the repositorys Security tab on GitHub to submit your report privately. Only maintainers and the reporter will see the submission.

What to include in your report:

  • A description of the vulnerability.
  • Steps to reproduce the issue (including any sample code or configuration).
  • Potential impact of the vulnerability.
  • Any suggested mitigations or fixes.

Our Response Process

  1. Acknowledgment: We will acknowledge receipt of your report within 48 hours.
  2. Investigation: We will investigate the report and determine the severity and impact.
  3. Fix: If a vulnerability is confirmed, we will work on a fix and release a new version as soon as possible.
  4. Disclosure: We will coordinate the disclosure of the vulnerability with you to ensure that users have time to update.

Attribution

This security policy is based on standard open-source practices.