mirror of
				https://github.com/amithkoujalgi/ollama4j.git
				synced 2025-10-26 06:09:30 +01:00 
			
		
		
		
	 bb1adacc7f
			
		
	
	
		bb1adacc7f
		
			
		
	
	
	
	
		
			
			- Introduced a CONTRIBUTING.md file to guide contributors on setup, coding guidelines, and pull request processes. - Added a SECURITY.md file outlining the security policy, reporting vulnerabilities, and responsible disclosure procedures.
		
			
				
	
	
		
			40 lines
		
	
	
		
			1.1 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
			
		
		
	
	
			40 lines
		
	
	
		
			1.1 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
| ## Security Policy
 | |
| 
 | |
| ### Supported Versions
 | |
| 
 | |
| We aim to support the latest released version of `ollama4j` and the most recent minor version prior to it. Older versions may receive fixes on a best-effort basis.
 | |
| 
 | |
| ### Reporting a Vulnerability
 | |
| 
 | |
| Please do not open public GitHub issues for security vulnerabilities.
 | |
| 
 | |
| Instead, email the maintainer at:
 | |
| 
 | |
| ```
 | |
| koujalgi.amith@gmail.com
 | |
| ```
 | |
| 
 | |
| Include as much detail as possible:
 | |
| 
 | |
| - A clear description of the issue and impact
 | |
| - Steps to reproduce or proof-of-concept
 | |
| - Affected version(s) and environment
 | |
| - Any suggested mitigations or patches
 | |
| 
 | |
| You should receive an acknowledgement within 72 hours. We will work with you to validate the issue, determine severity, and prepare a fix.
 | |
| 
 | |
| ### Disclosure
 | |
| 
 | |
| We follow a responsible disclosure process:
 | |
| 
 | |
| 1. Receive and validate report privately.
 | |
| 2. Develop and test a fix.
 | |
| 3. Coordinate a release that includes the fix.
 | |
| 4. Publicly credit the reporter (if desired) in release notes.
 | |
| 
 | |
| ### GPG Signatures
 | |
| 
 | |
| Releases may be signed as part of our CI pipeline. If verification fails or you have concerns about release integrity, please contact us via the email above.
 | |
| 
 | |
| 
 |