Skip to content

Security: cybrota/whispr

Security

docs/SECURITY.md

Security in Whispr

Being a security tool, we take security seriously and strive to maintain a secure development process & use of clean components. This document outlines our approach to handling security-related issues.

Responsible Disclosure

We encourage responsible disclosure of security vulnerabilities in Whispr. If you believe you've found a security issue, please report it to us using the GitHub Issues feature or via email at [email protected].

Do not disclose security issues publicly without our permission.

Reporting Security Vulnerabilities

When reporting a security vulnerability, please include:

  1. Clear description: A detailed explanation of the issue.
  2. Steps to reproduce: A step-by-step guide on how to reproduce the issue.
  3. Potential impact: An estimate of the potential impact if exploited.
  4. Fix suggestion: Any suggested fixes or mitigations.

Security Process

When a security vulnerability is reported, our process includes:

  1. Acknowledgment: We'll respond to acknowledge receipt of your report and express gratitude for bringing it to our attention.
  2. Internal review: Our team will investigate the issue internally.
  3. Verification: We'll verify the existence of the vulnerability through testing or other means.
  4. Fix development: If the issue is confirmed, we'll develop a fix.
  5. Release: Once the fix is developed and tested, it will be released in a new version of Whispr.

There aren’t any published security advisories