The KitOps project community is committed to keeping our code secure. We actively patch our latest releases for security issues, so we encourage all users to upgrade as quickly as possible. Below are our supported versions:
| Version | Supported |
|---|---|
| latest | ✅ |
| nightly | ❌ |
| older versions | ❌ |
We're grateful to users who report vulnerabilities, and all reports are thoroughly reviewed and investigated.
You should report if:
- You think you have discovered a potential security vulnerability
- You are uncertain about the security impact of an issue
If you discover a potential security vulnerability, please report it using GitHub’s Security Advisories. This process will create a private advisory visible only to the maintainers for review.
To protect the community, do NOT create a public issue, pull request, or discussion.
Our maintainers will review and respond to your report within 5 working days. Depending on the severity and complexity of the issue, resolution times may vary, but we will keep you informed throughout the process. The disclosure date will be agreed upon between the maintainers and the reporter.