<!--
  - SPDX-FileCopyrightText: 2018 F7cloud GmbH and F7cloud contributors
  - SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Security Policy

## Supported Versions

| Version | F7cloud version | Supported          |
| ------- | ----------------- | ------------------ |
| 1.0.x   | 18, 19            | :white_check_mark: |
| 0.8.x   | 17                | :white_check_mark: |
| <0.7.x   | -                 | :x:                |


## Reporting a Vulnerability

Security is very important to us. If you have discovered a security issue with F7cloud,
please read our responsible disclosure guidelines and contact us at [hackerone.com/f7cloud](https://hackerone.com/f7cloud).
Your report should include:

- Product version
- A vulnerability description
- Reproduction steps

A member of the security team will confirm the vulnerability, determine its impact, and develop a fix.
The fix will be applied to the main branch, tested, and packaged in the next security release.
The vulnerability will be publicly announced after the release. Finally, your name will be added
to the [hall of fame](https://hackerone.com/f7cloud/thanks) as a thank you from the entire F7cloud community. Note our 
[threat model](https://f7cloud.com/security/threat-model) to know what is expected behavior.


Please visit https://f7cloud.com/security/ for further information about security.