From 746d35333603211e51b65ae6c197bcfb9e6297ac Mon Sep 17 00:00:00 2001 From: yangdx Date: Mon, 12 May 2025 23:26:44 +0800 Subject: [PATCH] Update security.md --- SECURITY.md | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 034e8480..a00c3dec 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,21 +1,19 @@ -# Security Policy +# Reporting Security Issues -## Supported Versions +The LightRAG team and community take security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions. -Use this section to tell people about which versions of your project are -currently being supported with security updates. +To report a security issue, please use the GitHub Security Advisory: [Report a Vulnerability](https://github.com/HKUDS/LightRAG/security/advisories/new) + +The LightRAG team will send a response indicating the next steps in handling your report. After the initial reply to your report, the security team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance. + +Report security bugs in third-party modules to the person or team maintaining the module. + +### Supported Versions + +The following versions currently being supported with security updates. | Version | Supported | | ------- | ------------------ | -| 5.1.x | :white_check_mark: | -| 5.0.x | :x: | -| 4.0.x | :white_check_mark: | -| < 4.0 | :x: | +| 1.2.x | :x: | +| 1.3.x | :white_check_mark: | -## Reporting a Vulnerability - -Use this section to tell people how to report a vulnerability. - -Tell them where to go, how often they can expect to get an update on a -reported vulnerability, what to expect if the vulnerability is accepted or -declined, etc.