Conner Majic
10f6ae1c2b
Add CONTRIBUTING/SECURITY/CHANGELOG, Gitea issue and PR templates, and README guidance for Gitea metadata and releases. Made-with: Cursor
21 lines
669 B
Markdown
21 lines
669 B
Markdown
# Security policy
|
|
|
|
## Supported versions
|
|
|
|
This repository is under active development. Security fixes land on the default branch (`main`) first.
|
|
|
|
## Reporting a vulnerability
|
|
|
|
Please email the repository maintainers with:
|
|
|
|
- a short description of the issue
|
|
- steps to reproduce (if applicable)
|
|
- affected component (`solver-api`, `gui-ts`, `solver-c`, Docker, etc.)
|
|
|
|
Do not open a public issue for undisclosed vulnerabilities.
|
|
|
|
## Scope notes
|
|
|
|
- The local API is intended for **trusted development networks**. Do not expose it to the public internet without hardening (TLS, auth, rate limits, reverse proxy).
|
|
- Treat uploaded XML as untrusted input at API boundaries.
|