We currently support the latest stable version of Gokapi. Security updates are provided on a best-effort basis for the most recent release.
| Version | Supported |
|---|---|
| Latest | ✅ |
| Older | ❌ |
If you discover a security vulnerability in Gokapi, please do not open a public issue.
Instead, use GitHub’s "Report a vulnerability" feature on this repository. This ensures your report stays private and will be reviewed promptly by the maintainers.
To report a vulnerability:
- Go to the Security tab of the Gokapi repository.
- Click on "Report a vulnerability".
- Fill out the form with as much detail as possible.
We aim to acknowledge valid reports within 3 business days and address them as quickly as possible.
Once a vulnerability is reported, we will:
- Acknowledge receipt within 72 hours.
- Investigate and validate the issue.
- Develop a fix or mitigation strategy.
- Coordinate a release with credit to the reporter (unless anonymity is requested).
- Publish a security advisory via GitHub once the fix is released.
This policy applies to the Gokapi codebase and documentation in this repository. Vulnerabilities in third-party dependencies should be reported to the appropriate maintainers.
Thank you for helping keep Gokapi secure!