jwt/SECURITY.md

# Security Policy

## Supported Versions

As of February 2022 (and until this document is updated), the latest version `v4` is supported.

## Reporting a Vulnerability

If you think you found a vulnerability, and even if you are not sure, please report it to jwt-go-security@googlegroups.com or one of the other [golang-jwt maintainers](https://github.com/orgs/golang-jwt/people). Please try be explicit, describe steps to reproduce the security issue with code example(s).

You will receive a response within a timely manner. If the issue is confirmed, we will do our best to release a patch as soon as possible given the complexity of the problem.

## Public Discussions

Please avoid publicly discussing a potential security vulnerability.

Let's take this offline and find a solution first, this limits the potential impact as much as possible.

We appreciate your help!
Create SECURITY.md (#171) 2022-05-28 19:40:34 +03:00			`# Security Policy`

			`## Supported Versions`

			As of February 2022 (and until this document is updated), the latest version `v4` is supported.

			`## Reporting a Vulnerability`

Update SECURITY.md (#207) 2022-05-28 22:53:11 +03:00			`If you think you found a vulnerability, and even if you are not sure, please report it to jwt-go-security@googlegroups.com or one of the other [golang-jwt maintainers](https://github.com/orgs/golang-jwt/people). Please try be explicit, describe steps to reproduce the security issue with code example(s).`
Create SECURITY.md (#171) 2022-05-28 19:40:34 +03:00
			`You will receive a response within a timely manner. If the issue is confirmed, we will do our best to release a patch as soon as possible given the complexity of the problem.`

			`## Public Discussions`

			`Please avoid publicly discussing a potential security vulnerability.`

			`Let's take this offline and find a solution first, this limits the potential impact as much as possible.`

			`We appreciate your help!`