The following versions of Traqora are currently being supported with security updates.
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1 | ❌ |
We take the security of Traqora seriously. If you believe you have found a security vulnerability in Traqora, please report it to us as soon as possible.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them via email to [email protected].
- A descriptive title for the vulnerability.
- A detailed description of the vulnerability.
- Steps to reproduce the issue (proof of concept).
- Any potential impact of the vulnerability.
- Your contact information (optional but recommended).
- Acknowledgment: We will acknowledge receipt of your report within 48 hours.
- Investigation: We will investigate the issue and determine its severity and impact.
- Fix: We will work on a fix and test it thoroughly.
- Disclosure: We will coordinate with you to disclose the vulnerability and the fix in a responsible manner.
Traqora uses automated security scanning tools to identify vulnerabilities:
- Snyk: Dependency and code scanning.
- SonarCloud: Static Application Security Testing (SAST).
- Dependabot: Automated dependency updates.
We recommend all contributors to run local security checks before submitting pull requests.