juli/OrcaSlicer
1
1
Fork 0
mirror of https://github.com/OrcaSlicer/OrcaSlicer.git synced 2026-06-11 06:23:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
cf4275198c8aae640792eb3d4b3c8a5f75f1e83e
OrcaSlicer/SECURITY.md
xiaoyeliu e89263e51a Merge: Snapmaker Orca 2.1.2
2025-11-17 10:04:25 +08:00

39 lines
2.4 KiB
Markdown
Raw Blame History

POLICY: Our security policy is to avoid leaving the ecosystem worse than we found it. Meaning we are not planning to introduce vulnerabilities into the ecosystem.
The Snapmaker_Orca team and community take all security bugs in Snapmaker_Orca seriously. Thank you for improving the security of Snapmaker_Orca. We appreciate your efforts to disclose the issue responsibly, and will make every effort to acknowledge your contributions.
Report security bugs by emailing the lead maintainer at softfeverever@gmail.com and include the word "SECURITY" in the subject line.
* Response Times:
The lead maintainer will acknowledge receipt of your email within one week (7 days).
A detailed response will follow within 48 hours, outlining the next steps for handling your report.
After the initial reply, the security team will keep you informed about the progress toward a fix and any announcements.
* Information and Collaboration:
We may request additional information or guidance as we work on addressing the issue.
Snapmaker_Orca will confirm the problem and determine the affected versions.
Snapmaker_Orca will audit code to find any similar problems.
Snapmaker_Orca will prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible.
Report security bugs in third-party modules to the person or team maintaining the module.
SECURITY DISCLOSURE: Your responsibility is to report vulnerabilities to us using the guidelines outlined below.
Please give detailed steps on how to disclose the vulnerability. Keep these OWASP guidelines in mind ( https://www.owasp.org/index.php/Vulnerability_Disclosure_Cheat_Sheet ) when creating your disclosure policy.
Below are some recommendations for security disclosures:
Snapmaker_Orca security contact { contact: mailto:softfeverever@gmail.com] }
When disclosing vulnerabilities please do the following:
Your name and affiliation (if any).
Include scope of vulnerability. Let us know who could use this exploit.
Document steps to identify the vulnerability. It is important that we can reproduce your findings.
Show how to exploit vulnerability, give us an attack scenario.
Snapmaker_Orca Checklist: Security Recommendations
Follow these steps to improve security when using Snapmaker_Orca.
...SEE SOMETHING
...SAY SOMETHING
1)...SEE SOMETHING
We suggest you goto #2 if this happens.
Why? Through experience we have found it is best to goto #2 in this situation.
Reference in New Issue View Git Blame Copy Permalink