This document outlines the security policy for the Docker Deploy Agent.
To report a security vulnerability, please send an email to [email protected] with a detailed description of the issue, including any steps to reproduce the vulnerability. I will work with you to validate the vulnerability and determine the appropriate response.
I will make my best effort to respond to security vulnerability reports as quickly as possible.
Once a vulnerability is reported, I will triage the issue to determine its severity and impact, and will prioritize remediation efforts accordingly. I will also communicate with the reporter throughout the process to provide updates on the status of the vulnerability and any remediation efforts.
I will follow a responsible disclosure policy, and will not disclose any information about a vulnerability until it has been remediated. Once a vulnerability has been remediated, I will publicly disclose information about the issue, including any patches or updates that have been released.
If a vulnerability is confirmed, I will make every effort to provide a patch or update as quickly as possible. I will also provide clear instructions for users and contributors on how to apply the patch or update, and will work to ensure that the process is as smooth and straightforward as possible.
I encourage responsible disclosure of security vulnerabilities and appreciate the efforts of security researchers to help us identify and address issues in a responsible and coordinated manner.
If you have any questions about the security policy or need to report a security vulnerability, please send an email to [email protected].