Thank you for helping keep our Spotify Clone project secure! We appreciate contributions and reports from the community. This document provides guidelines for reporting security issues to ensure they are resolved responsibly and promptly.
We support security updates for the following versions:
| Version | Supported |
|---|---|
| Latest release | ✅ |
| Previous release (1 major) | ✅ |
| Older versions | ❌ |
Please use the latest version of the project to ensure you have the latest security fixes.
If you find a security vulnerability, please report it by following these steps:
- Do not publicly disclose: Please avoid publicly disclosing vulnerabilities as it may put users at risk.
- Send a private report:
- Email: Send an email to [email protected].
- Subject line: Begin the subject line with
[SECURITY ISSUE]. - Include details: Describe the issue with as much detail as possible. Include:
- Steps to reproduce
- Potential impact
- Any recommended fix (if you have one)
- Affected version(s): Specify the affected version(s) of the Spotify clone.
We will respond within 48 hours and provide an initial assessment of the vulnerability. We’ll work with you on remediation and coordinate a public disclosure timeline if appropriate.
We regularly review and address security issues and release updates as needed. Security advisories and notifications for critical updates will be available in:
To keep your usage of the Spotify Clone project secure:
- Always use the latest release.
- Review our recommended configuration and deployment practices.
We appreciate the responsible disclosure of security issues. If you report a confirmed security issue, you may be added to our list of acknowledgments.
Thank you for helping improve the security of this project!