mirror of
https://github.com/labring/FastGPT.git
synced 2026-05-07 01:02:55 +08:00
Archer
26 lines
1.1 KiB
Markdown
26 lines
1.1 KiB
Markdown
# Security Policy
|
|
|
|
## Vulnerability Reporting
|
|
|
|
If you discover a security vulnerability in FastGPT, please follow the steps below to report it:
|
|
|
|
1. **How to Report**
|
|
You can submit a report at https://github.com/labring/FastGPT/security/advisories.
|
|
|
|
2. **Response Time**
|
|
- We will acknowledge receipt of your report within 48 hours.
|
|
- An initial assessment will generally be provided within 3 business days.
|
|
|
|
3. **Vulnerability Handling Process**
|
|
- **Confirmation**: We will verify the existence and scope of impact of the vulnerability.
|
|
- **Fix Development**: A fix will be developed for confirmed vulnerabilities.
|
|
- **Release**: Security patches will be released in the next version update.
|
|
- **Public Disclosure**: After the fix is complete, relevant information will be published in the changelog.
|
|
|
|
4. **Important Notes**
|
|
- Please do not publicly disclose vulnerability details before a fix has been released.
|
|
- We welcome responsible vulnerability disclosure.
|
|
- Significant contributors will be acknowledged in the project's credits.
|
|
|
|
Thank you for contributing to the security of FastGPT!
|