d398a6ced2
- CitrineOS core extracted (CSMS OCPP 2.0.1) - OpenOCPP extracted (firmware OCPP 1.6J/2.0.1) - ShapeShifter library installed (pip install -e) - ShapeShifter specification extracted - EVerest extracted TODO updated with progress
27 lines
1.1 KiB
ReStructuredText
27 lines
1.1 KiB
ReStructuredText
.. _project-security-policy:
|
|
|
|
###############
|
|
Security Policy
|
|
###############
|
|
|
|
Supported Versions
|
|
==================
|
|
|
|
Since the beginning of 2026 we are releasing versions of EVerest with a cadence of six months.
|
|
The specifics of this release process are outlined in the :ref:`Release Documentation <project-release-and-versioning>`.
|
|
|
|
Reporting a Vulnerability
|
|
=========================
|
|
|
|
If you found a vulnerability, we are super keen and grateful to get the details. Please use this private mailing list to let us know:
|
|
everest-security@lists.lfenergy.org
|
|
|
|
Please DON'T use the publicly visible issue reporting functionality from GitHub!
|
|
Alternatively you can use the "Report a vulnerability" feature on Github
|
|
which should be enabled in all repositories.
|
|
For example for EVerest you can find this here: https://github.com/EVerest/EVerest/security
|
|
|
|
We try to monitor this list and respond every working day, but in initial respond time should not go beyond 7 days.
|
|
Please provide us with your estimation of the severity of your finding. Every other information on how to exploit it as well as everything
|
|
else you could provide is helpful.
|