We release patches for security vulnerabilities for the following versions:
| Version | Supported |
|---|---|
| 2.0.x | ✅ |
| 1.0.x | ❌ |
If you discover a security vulnerability within Starbelly, please send an email to the maintainers at Hyperion Gray (acaceres@hyperiongray.com). All security vulnerabilities will be promptly addressed.
Please do not publicly disclose the issue until it has been addressed by the team.
When reporting a vulnerability, please include:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Any suggested fixes (if available)
We appreciate your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.
- The security report is received and assigned to a primary handler
- The problem is confirmed and affected versions are determined
- Code is audited to find any similar problems
- Fixes are prepared for all supported releases
- New versions are released and announcements are made