The following versions of AuditTrailBundle are currently being supported with security updates.

We take the security of AuditTrailBundle seriously. If you believe you have found a security vulnerability, please report it to us responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Please report security vulnerabilities privately by emailing rcsofttech85@gmail.com

When reporting, please include:

• A descriptive title for the vulnerability.
• The version(s) of the bundle affected.
• A detailed description of the vulnerability.
• Steps to reproduce the issue (a proof-of-concept is highly appreciated).
• Potential impact of the vulnerability.

• Acknowledgment: You will receive an acknowledgment of your report within 48 hours.
• Investigation: We will investigate the report and may contact you for further information.
• Update: We will provide regular updates (at least once a week) on the status of the investigation and any planned fixes.
• Resolution: If the vulnerability is confirmed, we will work on a fix. Once the fix is ready, we will release a new version and, if appropriate, publish a security advisory.
• Credit: If you wish, we will credit you for the discovery in the security advisory and release notes.

We follow a coordinated disclosure policy. We ask that you do not disclose the vulnerability publicly until we have had a reasonable amount of time to address it and release a fix. In return, we will work with you to ensure your findings are communicated clearly and accurately.