Security Policy
Supported Versions
Only the latest release is currently supported with security updates.
| Version | Supported |
|---|---|
| Latest | ✅ |
| Older | ❌ |
Reporting a Vulnerability
Do not report security vulnerabilities through public GitHub Issues.
Instead, use GitHub's private vulnerability reporting:
👉 Report a vulnerability for Linux-Patch-Api
This allows us to coordinate a fix before public disclosure.
Response Timeline
- Acknowledgment within 48 hours
- Initial assessment within 7 days
- Ongoing updates on remediation progress
Disclosure Policy
We follow coordinated disclosure:
- We ask for 90 days before public disclosure of a vulnerability
- Security advisories are published via GitHub Security Advisories
- We will work with you to determine an appropriate disclosure timeline when a fix requires more time
Security Best Practices
This project is a security tool — we hold ourselves to a high standard:
- Signed commits: All commits must be signed (SSH signing)
- CI enforcement: All PRs require passing CI checks (fmt, clippy, test, audit, build)
- Dependency auditing: `cargo audit` runs in CI to catch known vulnerabilities
Credit
Contributors who responsibly report vulnerabilities will be credited in the corresponding GitHub Security Advisory.