If you discover a security vulnerability in the Schema Mapper library, we appreciate your responsible disclosure. Please follow these steps to report the issue:
- Contact us via [email protected].
- Provide detailed information about the vulnerability, including:
- Steps to reproduce the issue.
- The version of the plugin you're using.
- Any relevant logs or screenshots.
- Please do not disclose the vulnerability publicly until we have addressed it and released a patch.
We aim to:
- Acknowledge your report within 48 hours.
- Provide an initial assessment within 5 business days.
- Release a fix or mitigation within 90 days, depending on the severity and complexity of the issue.
We take the security of the Schema Mapper library seriously. Below is a list of supported versions and their current security status.
| Version | Supported | Notes |
|---|---|---|
| 1.x | ✅ | Actively supported with security fixes |
To ensure the secure use of the Schema Mapper library, we recommend the following best practices:
- Always use the latest version of the library.
- Follow dependency management best practices, such as using Composer to manage versions.
- Avoid exposing sensitive data (e.g., API keys or tokens) in code or logs.
- Use HTTPS for secure communications when sending or receiving data.
We welcome feedback on how we can improve the security of Schema Mapper. Please feel free to reach out with suggestions or concerns.