Skip to content

Security: Weltraumschaf/defectdojo-client-java

Security

SECURITY.md

Security Policy

Supported Versions

Our release cycle for new features (minior semver update) is roughly every two weeks (we will usually make a new release after each review).

Version Security Fixes* Supported**
4.x.x
3.15.x
<= 2.9.x
< 2.0

Major Release (Semver)

Upcoming major updates will come with a time window in which both major versions (starting with v2.x.x) will receive security updates and bugfixes. The concrete support intervall will be probably a couple of months and will be published when the next major version will be released.

Minor Release/Feature Releases (Semver)

We currently plan to provide support for the latest minor semver release only.

Patch Release/Bugfix/Security Fix

We try to make bugfixes and high severity fixes available as patch release for the current minor release as early as possible.

Extended (Enterprise) Support

If you are interested in extended support for older versions with security updates of our project please get in touch with the project team via Slack or email [email protected].

Reporting a Vulnerability

You have found a vulnerability in the project that shouldn't be disclosed as public issue before it's fixed? Please get in touch with the project team via Slack or email [email protected].

You can expect a fast reaction within the next days. We will keep you updated about the next steps and inform you if the vulnerability is accepted and when its fixed or if its ordeclined somehow.

There aren’t any published security advisories