From 3717c876e6843729637a3385fc691b9d2c29348a Mon Sep 17 00:00:00 2001 From: StapleGun24 <131411631+StapleGun24@users.noreply.github.com> Date: Thu, 20 Apr 2023 19:42:08 -0400 Subject: [PATCH] Create SECURITY.md --- SECURITY.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..a2016e1 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,27 @@ +Security Policy + +Supported Versions + +At MiniGPT-4, we prioritize the security of our product and its users. This section outlines which versions of MiniGPT-4 are currently supported with security updates. + +Version Supported +5.1.x :white_check_mark: +5.0.x :x: +4.0.x :white_check_mark: +< 4.0 :x: +Reporting a Vulnerability + +We appreciate the effort of skilled security researchers in identifying and mitigating security vulnerabilities in MiniGPT-4. If you discover a vulnerability, please report it to us in a responsible manner. + +To report a vulnerability, please open an issue on the GitHub repository and tag it with the "security" label. When reporting a vulnerability, please include: + +A detailed description of the vulnerability. +Steps to reproduce the vulnerability. +Any supporting material, such as proof-of-concept code or screenshots. +Your name/handle and contact information (if you wish to be credited). +Any specific time-frame for disclosure (if applicable). +We will acknowledge receipt of your report within 24 hours and will aim to provide an initial assessment of the vulnerability within 72 hours of receipt. If the vulnerability is accepted, we will work with you to identify and develop a fix for the issue. We will keep you updated on the progress of the fix and will provide credit to you in the release notes (if you wish to be credited). + +If the vulnerability is declined, we will provide an explanation for the decision and will work with you to address any concerns you may have. + +Thank you for helping us to make MiniGPT-4 a more secure product.