| Version | Supported |
|---|---|
| 0.0.1 | ✅ |
We take security issues seriously. We appreciate your efforts to responsibly disclose your findings.
Please DO NOT report security vulnerabilities through public GitHub issues.
Instead, please follow these steps:
- Open an issue in github repo
- Include steps to reproduce the issue if possible
- Include the potential impact of the vulnerability
- Allow time for us to address the issue before any public disclosure
When you report a vulnerability:
- We'll provide a more detailed response within 7 days, indicating next steps
- We'll keep you informed about our progress resolving the issue
- Use env variables or secure storage for your API keys. DO NOT HARDCODE ANY API KEYS!
- Use the latest version of DocDog
- Use a venv to isolate dependencies
Upon receiving a security report, we will:
- Confirm the vulnerability
- Determine its impact and severity
- Develop and test a fix
- Release a patch and disclose the vulnerability (without technical details that could be exploited)
Thank you!