If you discover a security vulnerability within EdgeSQL Shell, please report it as soon as possible. We take all security vulnerabilities seriously and will work to resolve any identified issues promptly.
To report a security vulnerability, please email [email protected] with the details of the vulnerability. In your report, please include:
- A detailed description of the vulnerability.
- Steps to reproduce the issue.
- Any potential impact or exploit scenarios.
The following versions of EdgeSQL Shell are currently being supported with security updates:
| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.0 | ❌ |
We will notify users of security updates through our GitHub repository and release notes. It is recommended to always use the latest version of EdgeSQL Shell to benefit from the latest security fixes.
To help ensure the security of your EdgeSQL Shell installation, please follow these best practices:
- Keep Software Up-to-Date: Always use the latest version of EdgeSQL Shell.
- Review Dependencies: Regularly check for and update dependencies to ensure they are free of known vulnerabilities.
- Use Strong Passwords: Ensure that all passwords used in your environment are strong and unique.
- Limit Access: Restrict access to the minimum necessary users and services.
- Regular Audits: Perform regular security audits of your system and environment.
We believe in responsible disclosure of vulnerabilities. If you report a vulnerability, we request that you:
- Allow us a reasonable amount of time to resolve the issue before disclosing it publicly.
- Avoid exploiting the vulnerability beyond what is necessary to demonstrate it.
- Respect our users' data and privacy during your investigation.
We appreciate your efforts to keep EdgeSQL Shell secure and will acknowledge your contributions in our release notes.
Thank you for helping to improve the security of EdgeSQL Shell!
If you have any questions or need further assistance, please contact us at [email protected].