mirror of
https://github.com/zitadel/zitadel
synced 2024-11-22 00:39:36 +00:00
abf5151653
* Updates up to "PROJECT" Capitalisation of headings and buttons using the rules recommended here: https://grammar.yourdictionary.com/capitalization/rules-for-capitalization-in-titles.html * Spell checking and minor improvements * only deploy docs on master * Improved reference to security repo. * Completed en.json and re-worked de.json up to "VALIDATION". * Re-work up to "MEMBERSHIP" * Completed language strings. * Updates to INVALIDPATTERN. Proposal for the message string in English and German . * Re-work of personal pronouns in German language strings. Changing de.json from "Sie" to "Du" and other improvements. * Apply suggestions from code review Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * Update SECURITY.md Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * Update console/src/assets/i18n/de.json * Apply suggestions from code review * Update console/src/assets/i18n/de.json * Update console/src/assets/i18n/de.json * Update console/src/assets/i18n/en.json Co-authored-by: Florian Forster <florian@caos.ch> Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
1.5 KiB
1.5 KiB
Security Policy
At CAOS we are extremely grateful for security aware people who disclose vulnerabilities to us and the open source community. All reports will be investigated by our team.
Supported Versions
After the initial Release the following version support will apply
| Version | Supported |
|---|---|
| 1.x.x | ✅ (not yet available) |
| 0.x.x | ❌ |
Reporting a vulnerability
To file an incident, please disclose it by e-mail to security@zitadel.ch including the details of the vulnerability.
At the moment GPG encryption is no yet supported, however you may sign your message at will.
When should I report a vulnerability
- You think you discovered a
- potential security vulnerability in
ZITADEL - vulnerability in another project that
ZITADELis based on
- potential security vulnerability in
- For projects with their own vulnerability reporting and disclosure process, please report it directly there
When should I NOT report a vulnerability
- You need help applying security related updates
- Your issue is not security related
Security Vulnerability Response
TBD
Public Disclosure
All accepted and mitigated vulnerabilities will be published on ZITADEL's GitHub Security Page.
Timing
We think it is crucial to publish advisories ASAP as mitigations are ready. But due to the unknown nature of the discloures the time frame can range from 7 to 90 days.