We are committed to providing security updates for the following versions of SurveySwift:
| Version | Supported |
|---|---|
| 2.1.x | ✅ |
| 2.0.x | ✅ |
| 1.1.x | ❌ |
| 1.0.x | ❌ |
We take the security of our software products seriously, which includes all source code repositories managed through our GitHub organization.
If you believe you have found a security vulnerability in any SurveySwift-owned repository, please report it to us as described below.
DO NOT create a GitHub issue if you think you have found a security issue. Instead, please send an email to [email protected].
We will acknowledge receipt of your vulnerability report and send you regular updates about our progress. If you're curious about the status of your disclosure, feel free to email us again. If you want to encrypt your disclosure email, please use our PGP key.
We will strive to:
- Confirm the problem and determine the affected versions.
- Audit code to find any potential similar problems.
- Prepare fixes for all releases still under maintenance.
SurveySwift follows the principle of Coordinated Disclosure. As such, we kindly ask that you refrain from data extraction, scanning for vulnerabilities, or any other disruptive actions.
We also ask that you do not publicly disclose the issue until we have had a chance to address it.
Thank you for helping keep SurveySwift and our users safe!