We maintain security support and recommendations for the following versions:
| Version | Supported |
|---|---|
| v0.03 | ✅ Latest stable |
If you discover a potential security vulnerability in the Iyesi project, please follow these steps instead of opening a public issue:
- Email: Send a detailed report to [email protected].
- PGP (optional): Encrypt your report using our public key (if available) to
[email protected].
Include the following information in your report:
- A description of the vulnerability
- Steps to reproduce or a minimal proof-of-concept
- Impact assessment (e.g., data leakage, code execution)
- Any suggested remediation
| Phase | Timeline |
|---|---|
| Acknowledgment | Within 2 business days |
| Resolution | Target: within 14 days |
| Disclosure | Coordinated with reporter |
- Acknowledgment: We will confirm receipt of your report.
- Investigation: We’ll prioritize and investigate the issue.
- Fix & Release: A patch or mitigation will be released.
- Disclosure: After resolution, we’ll work with you on coordinated disclosure.
- Regular dependency updates
- Automated static code analysis
- Peer reviews for security-critical changes
Maintained by Ahmet Emre. For any questions regarding this policy, email [email protected].