Skip to content

Security: FlintSH/Flare

SECURITY.md

Security Policy

Supported Versions

I currently maintain security updates for:

Version Supported
1.x.x
< 1.0

DO NOT OPEN AI GENERATED SECURITY ADVISORIES IN THIS REPOSITORY

There has been an extreme uptick in AI generated security advisories being submitted for Flare that are either not real security issues or just flat out wrong. I am someone who is optimistic about AI and use it in my daily workflows, but please do not use it to larp as a security researcher and waste my free, unpaid time validating your advisory. It will not be met with kindly.

Please ensure that all advisories are opened with a full manual validation of the issue and a demonstrated full understanding by you, the reporter. Please do not waste my time.

Reporting a Vulnerability

Found a security issue in Flare? Thanks for looking out! You can report it in two ways:

  1. Click Report a vulnerability in the top right corner.

  2. Email

    • If you prefer email: me@fl1nt.dev
    • Please include "SECURITY" in the subject

When reporting, it helps if you can provide:

  • What the issue is
  • How to reproduce it
  • What could happen if exploited

What Happens Next

Once you report something:

  1. I'll confirm I received it when I can
  2. I'll investigate and let you know what I find
  3. Once fixed, I'll release a patch and credit you (if you want)
Learn more about advisories related to FlintSH/Flare in the GitHub Advisory Database