If you find a security vulnerability in the bot this is the process to disclose it.
| Version | Supported |
|---|---|
| Working Master | ✅ |
| Alpha 5.0 | ✅ |
| < Alpha 5.0 | ❌ |
Data needed for discolosure.
- Bot Version from the Bot via
<statscommand - Brief deciption of the issue
- reproduction steps
- More detailed explination.
The prefered way of disclosing Security Vulnerability via GitHub's builit in secuity feature over at the Security Tab. A reply will usually be given within 48 hours of disclosure, with a time frame to correct issues of 30 days or less.
During this 30 day period Security advisories should stay as a draft to give adiquate time to correct the issue at hand. After this 30 day period or when the issue is patches (Which ever comes first), the Security advisories may then be published along with the related patches.
Another way of disclosing issues is directly DMing Vincent/vlee489#5801 on the Discord bot support server