Skip to content

Latest commit

 

History

History
28 lines (19 loc) · 1.1 KB

SECURITY.md

File metadata and controls

28 lines (19 loc) · 1.1 KB

Security Policy

Supported Versions

Version Supported GPG Signing Key
1.83 and later 31D2D79DF7E85DD3
1.82 and earlier ?

Reporting a Vulnerability

If you find a security vulnerability, please open a Github issue.

We will try to publish a security fix on Maven Central ASAP after you reported it.

There will be no frequently scheduled security updates.

GPG Signature Validation

All artefacts are published on the Maven Central Repository accompanied by an *.asc GPG signature file.

The GPG signing key used since v1.83 is found on keyserver.ubuntu.com:

pub   rsa3072 2023-08-04 [SC] [expires: 2025-08-03]
      1D85 469D 8559 C2E1 DF5F  9251 31D2 D79D F7E8 5DD3
uid           [ultimate] Markus KARG <[email protected]>
sub   rsa3072 2023-08-04 [E] [expires: 2025-08-03]