Skip to content

Security: Maatify/rate-limiter

Security

SECURITY.md

Security Policy

Maatify Rate Limiter Maatify Ecosystem

Thank you for taking the time to review the security of maatify/rate-limiter.
We take security very seriously and appreciate any responsible disclosures that help improve the safety and reliability of the Maatify ecosystem.

πŸ” Supported Versions

Only the following versions currently receive security updates:

Version Status
1.x βœ” Active Support
< 1.0 ❌ No longer supported

If you are using an unsupported version, we strongly recommend upgrading to the latest stable release.

🚨 Reporting a Vulnerability

If you discover a security vulnerability, DO NOT open a public GitHub issue.

Instead, please contact the Maatify security team directly:

πŸ“§ security@maatify.dev

Provide as much detail as possible, including:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Affected versions
  • Any proof-of-concept or references
  • Optional: Suggested fix

You will receive an acknowledgment within 48 hours, and we will follow up as needed for clarification.

πŸ›  Handling Process

Once a vulnerability is reported:

  1. The Maatify team reviews and verifies the issue.
  2. A fix is prepared in a private branch.
  3. Maintainers coordinate with the reporter if more details are required.
  4. A security patch is released (e.g., 1.x.x patch version).
  5. The vulnerability is documented in the changelog.
  6. Credit is given to the reporter (optional and with consent).

🎯 Expectations for Responsible Disclosure

  • Do not publish or share the vulnerability before a fix is released.
  • Do not attempt to access user data, bypass rate limits in live systems, or escalate the issue beyond proof-of-concept.
  • Never perform attacks on production systems.

We appreciate all researchers who follow these guidelines to ensure a safe and reliable ecosystem.

πŸ›‘οΈ Scope

This policy applies specifically to:

  • maatify/rate-limiter
  • All supported drivers (Redis, MongoDB, MySQL)
  • Rate-limit attempt/status/reset logic
  • Exponential backoff and global limit mechanisms
  • Middleware integration (PSR-15)
  • Resolver and configuration layers

For vulnerabilities in other Maatify libraries, please refer to their respective security policies.

πŸ™ Thank You

Your efforts help keep the Maatify ecosystem secure and reliable for everyone.

Built with ❀️ by Maatify.dev β€” Unified Ecosystem for Modern PHP Libraries

There aren’t any published security advisories