Security is a top priority for AOS (Ajay O S Platform).
We are committed to protecting our users, contributors, and infrastructure by addressing security issues responsibly and promptly.
We appreciate the efforts of security researchers and community members who help keep AOS secure.
AOS follows a rolling support model.
Only the latest actively maintained versions are supported with security updates.
| Version Range | Support Status |
|---|---|
| Current (2026+) | β Supported |
| Older versions | β Not Supported |
Security fixes are applied to the current production codebase.
Older versions may not receive patches.
If you believe you have discovered a security vulnerability, please report it privately and responsibly.
π§ Contact: [email protected]
When reporting, please include:
- A clear description of the issue
- Steps to reproduce the vulnerability
- Affected components or services
- Potential impact
- Suggested mitigation or fix (if available)
We aim to:
- Acknowledge reports within 48 hours
- Assess severity promptly
- Coordinate fixes responsibly
- Communicate progress when appropriate
Critical vulnerabilities are prioritized for immediate resolution.
AOS follows a coordinated disclosure process:
- Vulnerabilities should not be disclosed publicly before a fix is released
- We may publish security advisories or changelog notes after remediation
- Credit may be given to reporters (with consent)
This approach helps protect users while ensuring transparency.
Please do not:
- Publicly disclose vulnerabilities before remediation
- Exploit vulnerabilities on production systems
- Access or modify user data without authorization
- Perform testing that disrupts services or violates privacy
Any testing must be conducted ethically and responsibly.
AOS is committed to:
- Treating security reports seriously
- Handling disclosures respectfully and confidentially
- Maintaining trust with our users and contributors
π‘οΈ Security is a shared responsibility.
Thank you for helping keep AOS safe and reliable.