We only provide support and security updates for the latest stable release of Daylight. If you are using an older version, we strongly encourage upgrading to the latest version to ensure your software remains secure.
| Version | Supported |
|---|---|
| 1.x | ✅ |
| 0.x | ❌ |
We take security seriously at Daylight, and we value the community’s efforts in identifying and reporting vulnerabilities.
-
Do not open a public issue.
Security issues should be disclosed responsibly. Instead, please send an email to [[email protected]] with the details of the vulnerability. -
Provide as much detail as possible.
Include all relevant information to help us understand and resolve the issue, such as:- Vulnerable version number.
- Steps to reproduce the vulnerability.
- Impact of the vulnerability (e.g., unauthorized data access, code execution).
- Suggested remediation (if known).
-
We will respond promptly.
Upon receiving your report, we will acknowledge the receipt and provide updates as we investigate and fix the issue.
- Once a vulnerability has been confirmed, we will work on a fix.
- Security patches will be released as soon as possible, usually as part of a patch or minor release.
- We will notify affected users about the security issue and provide guidance on upgrading or applying patches.
To encourage responsible disclosure, we ask security researchers to:
- Wait for a fix before publicly disclosing the vulnerability.
- Give us reasonable time to investigate and patch the issue.
- Do not access or modify user data beyond what is necessary to demonstrate the vulnerability.
For any security-related concerns, please reach out to us at [[email protected]].