If you discover a security vulnerability in Moveet, please report it responsibly.
Do not open a public GitHub issue for security vulnerabilities.
Instead, please email ivan@novazzi.dev with:
- A description of the vulnerability
- Steps to reproduce
- Potential impact
You should receive a response within 48 hours. We will work with you to understand and address the issue before any public disclosure.
| Version | Supported |
|---|---|
| latest | Yes |
Moveet is a simulation tool intended for development and testing. It is not designed to handle sensitive production data. That said, we take security seriously and will address vulnerabilities in:
- The REST API and WebSocket server
- Docker image configurations
- Dependency vulnerabilities