librespot/SECURITY.md

# Security Policy

## Supported Versions

We will support the latest release and main development branch with security updates.

## Reporting a Vulnerability

If you believe to have found a vulnerability in `librespot` itself or as a result from
one of its dependencies, please report it by contacting one or more of the active
maintainers directly, allowing no less than three calendar days to receive a response.

If you believe that the vulnerability is public knowledge or already being exploited
in the wild, regardless of having received a response to your direct messages or not,
please create an issue report to warn other users about continued use and instruct
them on any known workarounds.

On your report you may expect feedback on whether we believe that the vulnerability
is indeed applicable and if so, when and how it may be fixed. You may expect to
be asked for assistance with review and testing.
Create SECURITY.md 2022-08-01 20:46:05 +00:00			`# Security Policy`

			`## Supported Versions`

			`We will support the latest release and main development branch with security updates.`

			`## Reporting a Vulnerability`

			If you believe to have found a vulnerability in `librespot` itself or as a result from
			`one of its dependencies, please report it by contacting one or more of the active`
			`maintainers directly, allowing no less than three calendar days to receive a response.`

			`If you believe that the vulnerability is public knowledge or already being exploited`
			`in the wild, regardless of having received a response to your direct messages or not,`
			`please create an issue report to warn other users about continued use and instruct`
			`them on any known workarounds.`

			`On your report you may expect feedback on whether we believe that the vulnerability`
			`is indeed applicable and if so, when and how it may be fixed. You may expect to`
			`be asked for assistance with review and testing.`