The Security Policy can be found online at zillowe.qzz.io/docs/book/guidelines/security.
| Version | Supported |
|---|---|
| Prod. Beta 5.X.X | ✔️ |
| Packages | Supported |
|---|---|
AUR zoi |
✔️ |
AUR zoi-bin |
✔️ |
| Homebrew | ✔️ |
| Scoop | ✔️ |
Crates.io zoi-rs |
❔ |
Fedora zoi-rs |
❌ |
NPM @zillowe/zoi |
❌ |
Crates.io package can be out-of-date sometimes.
The NPM package just runs the installer script.
Fedora package is from an external Terra repo and is not maintained by us, it uses the Crates.io version so it may not be up-to-date.
Meanings:
- ✔️ Fully supported
- ❔ Could be out-of-date
- ❌ Not supported
We take security seriously. Security updates are released as soon as possible after a vulnerability is discovered and verified.
Always make sure you have the latest Zoi version, to get the latest Zoi version install/update it from supported packages or by running this command:
zoi upgradeIf you discover a security vulnerability, please follow these steps:
- DO NOT disclose the vulnerability publicly.
- Send a detailed report to: GitLab Issues*, GitHub Security Advisory or email*: contact@zillowe.qzz.io.
- Include in your report:
- A description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- If you're creating a GitLab issue on make sure you turn on confidentiality.
- If you're sending an email make sure to encrypt your email with our public PGP key and link your public key.