Ferrit Explore
中文·繁體·EN·日本語 Sign in Register
cielxl / veld / SECURITY.md
# Security Policy

## Status

veld is an open-source project provided "as is". It has **not** undergone an independent
security audit. While it is built on memory-safe Rust and well-reviewed crates (tokio,
rustls), you should evaluate it carefully before exposing it to untrusted traffic in
production.

## Supported versions

Only the latest released version receives security fixes.

| Version | Supported |
|---------|-----------|
| 0.1.x   | ✅        |

## Reporting a vulnerability

Please report security issues **privately** — do not open a public GitHub issue for an
unfixed vulnerability.

- Preferred: use GitHub's **"Report a vulnerability"** button under the repository's
  **Security** tab (Private Vulnerability Reporting).
- Alternatively, email **cielxl@gmail.com** with the details and, if possible, a
  proof-of-concept and affected version.

Please include:

- A description of the issue and its impact.
- Steps to reproduce (config, request, environment).
- The affected version / commit.

You can expect an initial acknowledgement within a reasonable time. Once a fix is
available, we will credit reporters who wish to be named.