Skip to content

Security: L3Digital-Net/ha-light-controller

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in this project, please report it responsibly.

Do NOT open a public GitHub issue for security vulnerabilities.

Contact

What to include

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)

Response timeline

  • Acknowledgment: Within 3 business days
  • Assessment: Within 1 week of acknowledgment
  • Fix timeline: Depends on severity, but we aim to address critical issues within 30 days

Supported Versions

Version Supported
Latest release
Previous minor
Older versions

Disclosure Policy

We follow coordinated disclosure. We ask that you:

  1. Give us reasonable time to address the issue before public disclosure
  2. Make a good faith effort to avoid privacy violations, data destruction, or service disruption
  3. Do not access or modify other users' data

We will credit reporters who follow responsible disclosure practices.

There aren’t any published security advisories