The following versions of pg-wire-mock are currently supported with security updates:
| Version | Supported |
|---|---|
| 1.0.x | ✅ |
We take the security of pg-wire-mock seriously. If you believe you've found a security vulnerability in pg-wire-mock, please follow these steps:
- Do not disclose the vulnerability publicly.
- Send details to the maintainers privately.
- Email: [email protected]
- Please include as much detail as possible about the vulnerability.
- If you have a suggested fix, that is very helpful.
- Allow time for response.
- The maintainers will acknowledge receipt of your report within 48 hours.
- You'll receive a more detailed response within 7 days.
- This will include confirmation of the vulnerability, any mitigations you can take, and when to expect a fix.
- We will investigate all legitimate reports and do our best to quickly resolve issues.
- We will keep you informed of our progress.
- If you report a valid vulnerability, we will acknowledge your contribution in our release notes.
Please note that this is a mock server intended for development and testing purposes. It is not intended for production use and does not store or handle sensitive information. However, we still take security seriously to ensure that the tool cannot be leveraged for attacks on systems where it is deployed.