If you discover a security vulnerability in the ShatteredArchive Software, please report it responsibly.
Do not open a public GitHub issue for security-related reports.
Instead, report security issues privately by emailing:
Please include as much detail as possible to help us understand and reproduce the issue, including:
- A description of the vulnerability
- Steps to reproduce
- Affected components or packages
- Any potential impact you are aware of
- We will acknowledge receipt of your report as soon as reasonably possible.
- We will investigate and work to validate the issue.
- We may request additional information or clarification.
- Once a fix or mitigation is available, we will coordinate disclosure as appropriate.
This project does not provide guaranteed response times or service-level agreements (SLAs), but we take security reports seriously and will make a good-faith effort to address valid issues.
ShatteredArchive is under active development.
Security fixes are applied to supported branches as appropriate, typically:
release/devrelease/stagingrelease/production
Older versions or forks may not receive security updates.
This project relies on third-party open-source dependencies.
If a reported issue affects a third-party dependency, remediation may depend on upstream fixes.
We appreciate responsible disclosure and the efforts of community members who help improve the security of the ShatteredArchive Software.