Skip to content

Security: OpenSourceFellows/amplify

Security

SECURITY.md

Security Policy

Supported Versions

Amplify is currently only used as a centrally hosted site, so the only supported version is the latest code in our main branch.

Security Process

If you have found a security vulnerability in Amplify, please send an email to our team: [email protected]

Include all of the following details in your description of the vulnerability:

  • Platform used. For example: Ubuntu 20.04.2 LTS (x86_64)
  • Exact version of Amplify that you tested. For example: commit 94d053f0234da0f418a3a683b590169c92a9683d
  • The source location of the bug and/or any other information that you are able to provide about what the cause of the bug is.
  • Browser used, if relevant. For example: Google Chrome 97.0.4692.99 (Official Build) (arm64)
  • Site/API URL, if relevant
  • Explanation of how to exploit the vulnerability

To qualify as a security issue, the bug must be reproducible on the latest release of Amplify via a realistic attack vector.

There aren’t any published security advisories