Skip to content

Security: tramlinehq/tramline

Security

SECURITY.md

Security Policy

Supported Versions

We always recommend using the latest version of Tramline to ensure you get all security updates.

Currently, security updates are not backported to previous versions.

Reporting a Vulnerability

If you've found a security vulnerability in the Tramline codebase, you can disclose it responsibly by sending a summary to [email protected]. We will review the potential threat and get back to you within two (2) business days. We will then work on fixing it as fast as we can, followed by a public disclosure with attribution to you.

While researching, we’d like you to refrain from:

  • Denial-of-Service (DoS)
  • Spamming
  • Social engineering or phishing of Tramline employees or contractors

While we do not have a bounty program in place yet, we are incredibly thankful for people who take the time to share their findings with us. Whether it's a tiny bug that you've found or a security vulnerability, all reports help us to continuously improve Tramline for everyone. Thank you for your support!

There aren’t any published security advisories