WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Security: yiisoft/package-template

Security

Report a vulnerability

.github/SECURITY.md

Security Policy

If you have encountered a security-related issue with Yii, please use the security issue form to report any security issues you have encountered to us.

WARNING! DO NOT use the issue tracker or discuss it in the public forum as it will cause more damage than help.

Please note that as a non-commercial OpenSource project we are not able to pay bounties at the moment.

Reporting a Vulnerability

For each report, we try to first confirm the vulnerability. Once confirmed, the Yii team will take the following actions:

  • Acknowledge to the reporter that we’ve received the issue, and are working on a fix. We ask that the reporter keep the issue confidential until we announce it.
  • Get a fix/patch prepared.
  • Prepare a post describing the vulnerability, and the possible exploits.
  • Release new versions of all affected versions.
  • Prominently feature the problem in the release announcement

There aren’t any published security advisories