23 lines
1.0 KiB
Markdown
23 lines
1.0 KiB
Markdown
# Security Policy
|
|
|
|
## Sponsoring the project
|
|
|
|
This project is maintained by a small team of two and therefore lacks the resource to provide security fixes in a timely manner.
|
|
|
|
If you have important business(es) that relies on this project, please consider sponsoring the project so that the maintainer(s) can commit to providing such service.
|
|
|
|
Please refer to https://github.com/sponsors/actions-runner-controller for available tiers.
|
|
|
|
## Supported Versions
|
|
|
|
| Version | Supported |
|
|
| ------- | ------------------ |
|
|
| 0.23.0 | :white_check_mark: |
|
|
| < 0.23.0| :x: |
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
To report a security issue, please email ykuoka+arcsecurity(at)gmail.com with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.
|
|
|
|
A maintainer will try to respond within 5 working days. If the issue is confirmed as a vulnerability, a Security Advisory will be opened. This project tries to follow a 90 day disclosure timeline.
|