- Notifications
You must be signed in to change notification settings - Fork12
Security: secureCodeBox/defectdojo-client-java
Security
SECURITY.md
Ourrelease cycle for new features (miniorsemver update)is roughly every two weeks (we will usually make a new release after each review).
| Version | Security Fixes* | Supported** |
|---|---|---|
| 4.x.x | ✅ | ✅ |
| 3.15.x | ✅ | ✅ |
| <= 2.9.x | ❌ | ❌ |
| < 2.0 | ❌ | ❌ |
Upcoming major updates will come with a time window in which bothmajor versions (starting with v2.x.x)will receive security updates and bugfixes. The concrete support intervall will be probably a couple of monthsand will be published when the next major version will be released.
We currently plan to provide support for thelatest minorsemver release only.
We try to make bugfixes and high severity fixes available as patch release for the current minor releaseas early as possible.
If you are interested in extended support for older versions with security updates of our projectplease get in touch with the project team via Slack or emailsecureCodeBox@iteratec.com.
You have found a vulnerability in the project that shouldn't be disclosed as public issue before it's fixed?Please get in touch with the project team via Slack or emailsecureCodeBox@iteratec.com.
You can expect a fast reaction within the next days.We will keep you updated about the next steps and inform you if the vulnerability is accepted and when its fixed or if its ordeclined somehow.