Skip to content

Security: wangtong10086/orbit

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you believe you have found a security vulnerability in ORBIT, please do not open a public issue with exploit details.

Instead:

  • use the repository hosting platform's private vulnerability reporting feature if it is available
  • otherwise contact the maintainers through a private channel associated with the repository owner

Please include:

  • a clear description of the issue
  • affected versions or commits if known
  • reproduction steps or a proof of concept when safe to share
  • any suggested mitigations or patches

Response Expectations

Maintainers will aim to:

  • acknowledge the report promptly
  • evaluate severity and impact
  • work toward a fix or mitigation
  • coordinate disclosure timing when appropriate

Scope

This policy applies to vulnerabilities in the code and official project assets in this repository.

It does not guarantee support for:

  • third-party services outside this repository
  • vulnerabilities caused entirely by local misconfiguration
  • issues in unrelated adjacent repositories unless this repository is directly responsible for the integration behavior

There aren't any published security advisories