We take security seriously. The following versions of RustAPI are currently being supported with security updates:
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1.0 | ❌ |
If you discover a security vulnerability in RustAPI, please report it to us as follows:
Please do NOT report security vulnerabilities through public GitHub issues.
Instead, please report security vulnerabilities by emailing:
You should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message.
Please include the following information in your report:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes or mitigations
Security updates will be released as patch versions (e.g., 0.1.1, 0.1.2) and will be announced through:
- GitHub Security Advisories
- Release notes
- Security mailing list (if established)
When we receive a security bug report, we will:
- Confirm the vulnerability and determine its impact
- Develop and test a fix
- Release the fix as a security update
- Publicly disclose the vulnerability after the fix is available
We will coordinate disclosure with the reporter to ensure that the vulnerability is not disclosed prematurely.
When using RustAPI, please follow these security best practices:
- Keep your dependencies up to date
- Use HTTPS for all API endpoints
- Implement proper authentication and authorization
- Validate all input data
- Use environment variables for sensitive configuration
- Regularly audit your dependencies for known vulnerabilities
We would like to thank the following individuals for responsibly disclosing security vulnerabilities:
- None at this time
For security-related questions or concerns, please contact us at tunayengin21@hotmail.com.