We actively support and provide security updates for the following versions:
| Version | Supported |
|---|---|
| 0.9.x | ✅ |
| < 0.9 | ❌ |
We take security vulnerabilities seriously. If you discover a security vulnerability in Logic IDE, please follow these steps:
Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
Instead, please report security vulnerabilities by creating a private security advisory.
Alternatively, you can email us directly at:
- Security contact: security@logic-ide.org
When reporting a vulnerability, please provide:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Affected versions
- Any potential impact
- Suggested fix (if you have one)
We aim to:
- Acknowledge receipt within 48 hours
- Provide an initial assessment within 7 days
- Work with you to understand and resolve the issue
- Coordinate disclosure timelines
We request that you:
- Give us a reasonable amount of time to address the vulnerability
- Do not publicly disclose the vulnerability until we've had a chance to fix it
- Do not access or modify data that doesn't belong to you
When using Logic IDE:
- Keep dependencies updated: Regularly update to the latest stable version
- Secure configuration: Follow the security guidelines in our documentation
- Access control: Implement proper authentication and authorization
- Network security: Use HTTPS and secure network configurations
- Input validation: Validate all inputs in your logic flows
We will acknowledge security researchers who responsibly report vulnerabilities, unless they prefer to remain anonymous.
Thank you for helping keep Logic IDE and our users safe!