If you discover a security vulnerability in Hookpipe, please report it responsibly.
Do not open a public issue.
Instead, open a private security advisory on GitHub.
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
We will acknowledge your report within 48 hours and aim to provide a fix or mitigation within 7 days for critical issues.
| Version | Supported |
|---|---|
| latest | Yes |
This policy covers the Hookpipe application code. Third-party dependencies are managed through Dependabot and regular updates.