Security Policy
Supported Versions
The following versions of Bulwark are currently supported with security updates:
Version Supported
< 0.2.0 ❌ No
0.2.x ✅ Yes
> Only the latest minor/patch version receives security fixes.
Reporting a Vulnerability
If you discover a security vulnerability, please do not open a public issue.
Instead, report it responsibly using one of the following methods:
GitHub Security Advisories (preferred)
Email the maintainer directly (if listed on the GitHub profile)
Please include:
A clear description of the vulnerability
Steps to reproduce (if applicable)
Potential impact
Any suggested fixes or mitigations
Response Process
Once a vulnerability is reported:
1. We will acknowledge the report within 48 hours
2. The issue will be investigated and validated
3. A fix will be prepared and released as soon as possible
4. Credit will be given to the reporter (unless anonymity is requested)
Disclosure Policy
We follow responsible disclosure practices. Vulnerabilities should not be publicly disclosed until a fix has been released.
Thank you for helping keep Bulwark secure 🛡️