We take security seriously at Dev8.dev. The following versions are currently supported with security updates:
| Version | Supported |
|---|---|
| 1.x.x | β Supported |
| < 1.0 | β Not supported |
If you discover a security vulnerability in Dev8.dev, please report it responsibly:
For security vulnerabilities, please DO NOT create a public GitHub issue. Instead:
- Email us: Send details to
[email protected] - Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any proof of concept code (if applicable)
- Initial Response: Within 24 hours
- Status Update: Within 72 hours
- Resolution: Varies by severity (1-30 days)
Security issues we're particularly interested in:
- Authentication bypass
- Privilege escalation
- Data injection vulnerabilities
- Cross-site scripting (XSS)
- Code execution vulnerabilities
- Infrastructure security issues
We believe in recognizing security researchers who help keep Dev8.dev safe:
- Public acknowledgment (with permission)
- Hall of fame on our website
- Potential bounty rewards (case by case)
When using Dev8.dev:
- Keep your dependencies updated
- Use strong, unique passwords
- Enable two-factor authentication
- Follow secure coding practices
- Regularly review access permissions
Dev8.dev includes several security measures:
- End-to-end encryption for sensitive data
- Secure authentication with NextAuth.js
- Rate limiting and DDoS protection
- Regular security audits
- Automated vulnerability scanning
Thank you for helping keep Dev8.dev and our community safe! π‘οΈ