SECURITY
Garot Conklin edited this page Jan 31, 2025 · 1 revision
We release patches for security vulnerabilities for the latest version of all our projects. All security updates will be released as patch versions.
The fleXRPL team takes security bugs seriously. We appreciate your efforts to responsibly disclose your findings.
Please report security vulnerabilities to us by:
- Opening a draft security advisory in the affected repository
- For sensitive issues, email security@flexrpl.org (if urgent, include [URGENT] in the subject)

Security measures in place:
- All repositories have Dependabot enabled for automated security updates
- SonarCloud integration for continuous security scanning
- Regular security audits of dependencies
- Mandatory code review process for all changes
- Automated testing with 100% coverage requirement
- All API keys and secrets must be stored securely using environment variables
- Production deployments require 2FA
- Regular security training for all contributors
- Compliance with OWASP security standards
We will acknowledge receipt of your report within 24 hours and provide a more detailed response within 48 hours indicating next steps.
Security vulnerabilities will be disclosed via GitHub Security Advisories after a patch has been released.
© 2025 fleXRPL. All rights reserved. | Built with ❤️ by fleXRPL Team