Currently, the following versions of Articulate Rise Parser are supported with security updates:
| Version | Supported |
|---|---|
| 1.0.x | ✅ |
| < 1.0 | ❌ |
We take the security of Articulate Rise Parser seriously. If you believe you have found a security vulnerability, please follow these steps:
- Do not disclose the vulnerability publicly - Please do not create a public GitHub issue for security vulnerabilities.
- Email the details to [[email protected]] - Include as much information as possible about the vulnerability.
- Wait for a response - We will acknowledge your email within 48 hours and provide an estimated timeline for a fix.
- Work with us - We may ask for additional information to help us understand and address the issue.
When reporting a vulnerability, please include:
- A clear description of the issue
- Steps to reproduce the vulnerability
- The potential impact of the vulnerability
- Any possible mitigations you've identified
- We will acknowledge receipt of your vulnerability report within 48 hours.
- We will provide regular updates about our progress.
- We will notify you when the vulnerability is fixed.
- With your permission, we will include your name in the acknowledgments.
This project follows these security practices:
- Regular dependency updates via Dependabot
- CodeQL security scanning
- Automated testing for each pull request
- Code review requirements for all changes