Skip to content

Security: zerp-pk/zerp

Security

SECURITY.md

Security Policy

Supported Versions

Zerp is under active development on main. There are no maintained LTS branches yet — security fixes land on main and the latest state of each module repository under the zerp-pk organization.

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues.

Instead, use GitHub's private vulnerability reporting for this repository:

  1. Go to the Security tab of this repository.
  2. Click Report a vulnerability.
  3. Fill in as much detail as you can: affected module(s), reproduction steps, and potential impact.

If the vulnerability is in one of the feature module repositories (see the table in README.md), please report it there directly — each module repo under zerp-pk has the same private reporting option enabled.

We'll acknowledge your report, investigate, and keep you updated as a fix is developed. Please give us reasonable time to address the issue before any public disclosure.

There aren't any published security advisories