The following table lists the versions of Bruce.Tools that are currently supported with security updates:
| Version | Supported |
|---|---|
| >= 1.4.3 | ✅ |
| < 1.4 | ❌ |
If you are using a version not listed above, we recommend upgrading to the latest version to benefit from security patches and new features.
We take the security of Bruce.Tools seriously. If you discover a vulnerability, please follow the steps below to report it responsibly:
Send an email to security@bruce.tools with the following details:
- A clear description of the vulnerability, including steps to reproduce it.
- The affected version(s) of Bruce.Tools.
- Any potential impact or exploit scenarios.
- Your contact information (optional, if you'd like follow-up).
Here’s what you can expect after reporting a vulnerability:
- Acknowledgment: We will confirm receipt of your report within 72 hours.
- Investigation: Our team will investigate and validate the issue. You may be contacted for further clarification or assistance.
- Resolution: Once validated, we will prioritize the issue based on its severity and prepare a patch or mitigation strategy.
- Notification: You will be notified of the resolution and, if applicable, credited for your contribution (if you opt to be credited).
To protect users, we request that you:
- Do not disclose the vulnerability publicly until a fix has been released.
- Avoid exploiting the vulnerability, except for testing purposes in your own environment.
Thank you for helping us make Bruce a secure and reliable platform!