Security Policy¶
The Silex team takes the security of our project and our users' trust very seriously.
Supported versions¶
| Version | Supported | Release year |
|---|---|---|
| 3 |  |
2024 |
| 2 |  |
2014 |
| 1 | |
2009 |
Reporting a vulnerability¶
If you believe you have found a security vulnerability in Silex, please let us know right away. We investigate all legitimate reports and do our best to quickly fix the problem.
How to report¶
Contact us directly at contact+security AT silex DOT me. For severe emergencies, this is the most direct and immediate way to reach us. Please do not publicly disclose the issue until we have had a chance to address it.
What to include¶
To help us best understand and address the issue, please include as much of the following as possible:
- A clear description of the issue: what you observed and what you expected to happen.
- Steps to reproduce, if possible.
- Any relevant screenshots or logs.
After you report¶
- We acknowledge receipt of your report within 24 hours.
- We provide a detailed response within 72 hours of the acknowledgment, with next steps, how we plan to address the issue, and an estimated timeframe for a fix.
- We may ask for additional information or guidance.
- Once the issue is resolved, we notify you and may mention your contribution in our release notes — unless you prefer to remain anonymous.
Your responsible disclosure efforts are greatly appreciated.
Security updates¶
To be notified of important updates, subscribe to the newsletter.
Edit this page on GitLab