Only the latest version deployed at jmrp.io is supported with security updates.
| Version | Supported |
|---|---|
| Latest | ✅ |
If you discover a security vulnerability in this project, please report it responsibly.
Do NOT open a public GitHub issue.
Instead, please use one of the following methods:
- GitHub Security Advisories (preferred): Report a vulnerability
- Email: Contact the maintainer directly via mail@jmrp.io
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Initial assessment: Within 1 week
- Fix or mitigation: Depends on severity, typically within 2 weeks for critical issues
This policy covers:
- The website at jmrp.io
- The source code in this repository
- CI/CD pipeline configurations
- Content Security Policy and security headers
- Third-party services (Cloudflare, GitHub, SonarCloud)
- Social engineering attacks
- Denial of service attacks against the hosted infrastructure