Skip to content

Update supported version in SECURITY.md to 0.x.x #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
peteski22 merged 3 commits into from
Feb 24, 2026
Merged

Update supported version in SECURITY.md to 0.x.x #27

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
7afaead
Update supported version in SECURITY.md to 0.x.x
peteski22 Feb 20, 2026
c92cc4f
Narrow supported version to 0.1.x and mark 0.0.x unsupported
peteski22 Feb 21, 2026
91e594c
Fix incorrect SDK name and duplicate heading in SECURITY.md
peteski22 Feb 24, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 5 additions & 6 deletions SECURITY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,27 +4,26 @@

We at [Mozilla AI](https://www.mozilla.ai/) take the security of our projects seriously. We appreciate your efforts to responsibly disclose security vulnerabilities.

This document outlines the process for reporting vulnerabilities in `mcpd-sdk-python`.
This document outlines the process for reporting vulnerabilities in `mcpd-sdk-javascript`.

### Supported Versions

The following versions are currently supported for security updates:

| Version | Supported |
| ------- | ------------------ |
| 0.0.x | :white_check_mark: |
| 0.1.x | :white_check_mark: |
| 0.0.x | :x: |

**Please ensure you are using a supported version when reporting a vulnerability.**

## Reporting a Vulnerability

**Please DO NOT open a public GitHub issue.**

To report a security vulnerability, please send a detailed email to: [security@mozilla.ai](mailto:security@mozilla.ai)

Please include the following information in your report:

1. **Project Name and Version:** Specify which project (`mozilla-ai/mcpd-sdk-python`) and which version(s) are affected.
1. **Project Name and Version:** Specify which project (`mozilla-ai/mcpd-sdk-javascript`) and which version(s) are affected.
2. **Vulnerability Description:** A clear and concise description of the vulnerability.
3. **Steps to Reproduce:** Detailed steps to reproduce the vulnerability, including any necessary code, configuration, or environment details.
4. **Impact:** Describe the potential impact of the vulnerability (e.g., data breach, denial of service, privilege escalation).
Expand All @@ -47,6 +46,6 @@ Our typical disclosure timeline for critical issues is up to 30 days from the in

### Scope

This security policy applies to all components of [mcpd](https://github.com/mozilla-ai/mcpd) (for example, this repository: [mcpd-sdk-python](https://github.com/mozilla-ai/mcpd-sdk-python)).
This security policy applies to all components of [mcpd](https://github.com/mozilla-ai/mcpd) (for example, this repository: [mcpd-sdk-javascript](https://github.com/mozilla-ai/mcpd-sdk-javascript)).

Thank you for helping us keep our projects secure for everyone.