We actively support the following versions of this GitHub Action:
| Version | Supported |
|---|---|
| v1.x.x | ✅ |
| < v1.0 | ❌ |
Please ensure you're using a supported version for security updates.
If you discover a security vulnerability in this GitHub Action, please do not publicly disclose it. Instead, follow these steps:
-
Contact us via Email
Email us at [email protected] with details of the vulnerability, including:- A detailed description of the issue.
- Steps to reproduce the vulnerability.
- Any additional information or proof of concept.
-
Expect a Response
We will respond to your report within 48 hours and will provide:- Acknowledgment of receipt.
- An initial assessment of the issue.
- An estimated timeline for a fix.
-
Collaborate on a Fix
We may reach out for further clarification or collaboration if needed. Once resolved, we will:- Publish a patched version.
- Credit you (if desired) in the release notes.
-
Responsible Disclosure
To protect users, we request that you wait until a fix is released before publicly disclosing the vulnerability.
This security policy applies to the bunheree/gemini-review GitHub Action. For vulnerabilities in other projects, please report them to their respective maintainers.