We take the security of sawtooth-memory seriously. If you find a flaw, vulnerability, or exploit in the codebase, we appreciate your help in disclosing it to us responsibly.
We actively support, monitor, and provide security patches for the latest stable release of the project.
| Version | Supported |
|---|---|
| >=1.0.0 | ✅ |
| < 1.0.0 | ❌ |
If you discover a security vulnerability, please do NOT open a public GitHub Issue. Publicly exposing a live vulnerability puts systems running this package at risk.
Instead, please report your findings privately by sending a detailed email to i.am.the.godddddddd@gmail.com.
- A clear description of the vulnerability type and its location.
- Steps to reproduce the issue (including proof-of-concept scripts or payload examples if applicable).
- Potential impact (e.g., memory corruption, data leaks, state poisoning).
- Acknowledge: We will acknowledge receipt of your report within 48 hours.
- Investigate: We will review and replicate the issue internally.
- Fix & Release: A patch or security advisory will be developed and deployed privately before being made public.
Thank you for your cooperation in keeping the ecosystem safe!