mirror of
https://github.com/jlengrand/detekt.git
synced 2026-03-10 00:01:19 +00:00
f15ce50d5e
* Create SECURITY.md * Complete initial version of SECURITY.md * Fix PR link * Narrate our supported versions for security * Update SECURITY.md * Update SECURITY.md Co-authored-by: Nicola Corti <corti.nico@gmail.com> * Improve wording * Update SECURITY.md Co-authored-by: Nicola Corti <corti.nico@gmail.com> Co-authored-by: Chao Zhang <chao.zhang@instacart.com> Co-authored-by: Chao Zhang <zhangchao6865@gmail.com> Co-authored-by: Nicola Corti <corti.nico@gmail.com>
1.2 KiB
1.2 KiB
Security Policy
Versions
Generally updating to the latest stable version will have all security issues addressed.
- Security patches are applied up to the current minor version.
- Earlier versions are not supported by default, but we will examine them on a case-by-case basis.
| Version | Addressed issues | Fix |
|---|---|---|
| 1.20.0 | CWE-611 Improper Restriction of XML External Entity Reference | #4499 |
Reporting a Vulnerability
Please report vulnerability to security@detekt.dev. We commit to respond within 2 weeks. You may also find us in the #detekt channel of kotlinlang Slack. If you have already reported on vulnerability disclosure platform, please include its link in the report.