Thank you for using and contributing to the "Friend's House" RuneLite plugin. I take security seriously and appreciate your efforts to responsibly disclose vulnerabilities. This document outlines my policies and procedures for handling security-related issues.
I support only the latest published version of the "Friend's House" plugin.
If you discover a security vulnerability in the "Friend's House" plugin, please follow the steps below:
- Do not disclose it publicly.
- Email the details of the vulnerability to me at email.
Please include the following information in your report:
- A description of the vulnerability and its potential impact.
- Steps to reproduce the vulnerability.
- Any proof-of-concept code or screenshots.
- Your contact information.
I will acknowledge receipt of your report within 48 hours and will strive to provide a detailed response within 5 business days.
I will:
- Investigate the reported vulnerability.
- Confirm the vulnerability.
- Develop a fix or mitigation.
- Release a patch or new version of the plugin.
- Credit the reporter, if they wish to be acknowledged, in the release notes.
To ensure the security of your own use of the "Friend's House" plugin, please:
- Always use the latest version of the plugin.
- Regularly check for updates and apply them promptly.
- Report any suspected vulnerabilities immediately.
If you have any questions or need further information, please contact me at email.
While I make every effort to ensure the security of the "Friend's House" plugin, security vulnerabilities are a reality of software development. Users are encouraged to take their own precautions and stay informed about best security practices.