Only security issues relating to the current production deployment of the website are in scope. All older production deployments are considered unsupported, and thus not in scope.
| Version | Supported |
|---|---|
| current production deployment | ✅ |
| all older deployments | ❌ |
| Version | Supported |
|---|---|
| vercel configuration | ✅ |
| cloudflare configuration | ✅ |
| github configuration | ✅ |
| giscus configuration* | ❌ |
*If you have found a bug with the Giscus configuration on the blog, please open an issue. For issues related to Giscus itself, you should contact the developers directly.
Email security@rooray.xyz with a clear description of:
- Your findings
- A Proof of Concept (POC) of the security issue
- The expected resolution I will try to reply and remedy the issue within 24 hours but this can be subject to delays if I am busy. Thanks for your contribution!