If you discover a security vulnerability in this project, please report it responsibly.
Do NOT open a public GitHub issue for security vulnerabilities.
- Email: security@l3digital.net
- Subject line: [SECURITY] ha-light-controller — Brief description
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 3 business days
- Assessment: Within 1 week of acknowledgment
- Fix timeline: Depends on severity, but we aim to address critical issues within 30 days
| Version | Supported |
|---|---|
| Latest release | ✅ |
| Previous minor | ✅ |
| Older versions | ❌ |
We follow coordinated disclosure. We ask that you:
- Give us reasonable time to address the issue before public disclosure
- Make a good faith effort to avoid privacy violations, data destruction, or service disruption
- Do not access or modify other users' data
We will credit reporters who follow responsible disclosure practices.