ApiaryLensOpen Source Apiary Intelligence

Authoritative project documentation

Security Policy

Reporting a vulnerability

Please do not open a public GitHub issue for security vulnerabilities.

Instead, use GitHub's private vulnerability reporting for this repository:

  1. Go to the Security tab of this repository.
  2. Click Report a vulnerability.
  3. Describe the issue in as much detail as possible, including steps to reproduce and potential impact.

This opens a private advisory visible only to maintainers until a fix is ready, which is the preferred channel until the project has a dedicated security contact address.

Scope

ApiaryLens is early-stage and currently contains no application code — there is no running software to have a vulnerability yet. This policy is in place ahead of time so the reporting process is established before the first release. Once the platform has deployable components (self-hosted server, PWA client, API), this section will be updated with specific scope guidance (e.g. which deployment configurations are supported, which versions receive security fixes).

Supported versions

Not applicable yet — no releases exist.

Our commitment

Given ApiaryLens's privacy-first and self-hosted-first principles, security issues that could expose a beekeeper's hive, location, or business data are treated as high priority. We will acknowledge reports as promptly as possible and credit reporters (with permission) once a fix is released.

Was this page helpful?

Ask for help or suggest a documentation improvement in the public project.

Open an issue