Skip to content

Security: ContextualWisdomLab/pg-erd-cloud

SECURITY.md

Security Policy

Reporting a Vulnerability

If you believe you have found a security vulnerability in this project, please do not open a public issue.

Preferred: report privately via GitHub Security Advisories:

Include, when possible:

  • A clear description of the issue and potential impact
  • Steps to reproduce (PoC), affected versions/commits, and environment details
  • Any suggested fix or mitigation

Disclosure Timeline

We aim to:

  • Acknowledge receipt within 3 business days
  • Provide a remediation plan or status update within 14 days
  • Fix the issue and coordinate disclosure within 90 days, when feasible

Timelines may vary depending on severity, complexity, and downstream impact.

There aren't any published security advisories