Skip to content

Security: zaf-tech/observeops

Security

SECURITY.md

Security Policy

Supported Versions

ObserveOps is under active development. Security fixes are applied to the latest main branch first.

Reporting a Vulnerability

Please do not report security vulnerabilities in public issues.

Report privately by email:

When reporting, include:

  • A clear description of the issue
  • Steps to reproduce
  • Potential impact
  • Any proof-of-concept details (if available)

Response Process

  • Initial acknowledgement target: within 72 hours
  • Triage and severity assessment after acknowledgement
  • Fix timeline depends on severity and complexity
  • Coordinated disclosure is preferred

Safe Harbor

If you make a good-faith effort to follow this policy, avoid privacy violations, and do not cause service disruption, we will treat your research as authorized.

Liability and risk notice

This project is provided under the MIT License and is offered as-is. Use this software at your own risk.

There aren't any published security advisories