
Security: rubix-studios-pty-ltd/twenty-app

SECURITY.md

Security Policy

Supported Versions

Version Supported
1.0.x

Reporting a Vulnerability

We take the security of Twenty App seriously. If you believe you have found a security vulnerability, please report it to us following these steps:

  1. DO NOT create a public GitHub issue for the vulnerability.
  2. Contact us directly at one of the following:

Please include the following details in your report:

  • Description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact of the vulnerability
  • Any possible mitigations
  • Version of Twenty App affected

Response Process

  1. We will acknowledge receipt of your vulnerability report within 48 hours.
  2. Our security team will investigate and validate the issue.
  3. We will keep you informed about the progress of fixing the vulnerability.
  4. Once fixed, we will notify you and publish a security advisory if necessary.

Security Update Policy

  • Security patches are given the highest priority
  • Updates will be released as soon as possible after a vulnerability is confirmed
  • If a critical vulnerability is found, we will release a patch version immediately

Security Monitoring

We continuously monitor our codebase for security issues through:

  • Automated dependency scanning
  • Regular code reviews
  • Third-party security audits
  • Community reports

Disclosure Policy

  • We follow responsible disclosure practices
  • Security issues will be announced via our changelog and security advisories
  • Credit will be given to security researchers who report valid vulnerabilities

Contact

For any security-related questions, contact:

Rubix Studios
Website: https://rubixstudios.com.au
