Skip to content

Security: muhammad-fiaz/logly.zig

SECURITY.md

Security Policy

Supported Versions

The following table shows which versions of this project are currently supported with security updates.

Version Supported
0.2.0
< 0.2.0

⚠️ Versions below 0.2.0 are considered end-of-life and will not receive security fixes or updates.

Zig Compatibility

  • 0.1.7 or earlier supports Zig 0.15.0
  • 0.1.8 or newer supports Zig 0.16.0+
  • Zig downloads and release notes: ziglang.org

Reporting a Vulnerability

If you discover a security vulnerability, please report it responsibly.

Where to Report

Preferred reporting method:

Other supported options:

  • 🔧 Create a Pull Request if you have already resolved the issue
    (avoid including sensitive exploit details)
  • 🔒 Create a GitHub Security Advisory for private disclosure

❗ If the vulnerability is critical or sensitive, please start with a
GitHub Security Advisory instead of a public issue.

What to Include

When reporting a vulnerability, please include:

  • Affected version(s)
  • Clear description of the issue
  • Steps to reproduce (if applicable)
  • Potential impact or severity
  • Suggested fix or mitigation (optional)

Response Timeline

  • Acknowledgement: within 48 hours
  • Initial review: within 5–7 days
  • Resolution: depending on severity and complexity

Accepted vs Declined Reports

  • Accepted:

    • A fix will be released for supported versions
    • A security advisory may be published
    • Credit will be given upon request
  • Declined:

    • Issues affecting unsupported versions (< 0.1.0)
    • Expected or documented behavior
    • Issues already fixed in a newer release

Thank you for helping keep this project secure 🤝

There aren't any published security advisories