Thank you for using our experimental open-source projects. This document outlines the security policy for our experimental GitHub organization and its repositories.

The projects under this organization are experimental in nature. They are subject to change and may not follow the same rigorous security measures applied to our mainline projects. We provide these projects under the AGPL license with no warranties and disclaim any liability.

These repositories are distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. We disclaim all liability for any damages resulting from the use or misuse of these projects. Please use them at your own risk.

While security is important to us, it is crucial to understand that these experimental projects may not undergo thorough security assessments or reviews. However, we do appreciate any security-related feedback and reports.

If you discover a security vulnerability in any of our experimental repositories, please report it as follows:

1. Email: Send an email to security@centreon.com with the details of the vulnerability.

2. Details: Provide a comprehensive description of the vulnerability. Where applicable, include information about the potential impact, steps to reproduce the issue, and any suggested fixes or mitigation strategies.

We will acknowledge your report and make an effort to assess and address the issue in due course, depending on the nature and severity of the vulnerability.

Due to the experimental nature of these projects, security updates may not be regularly scheduled. Users are encouraged to monitor repositories for updates and use the latest versions when possible.

To help maintain the security of your environment when using our experimental projects, we recommend:

• Reviewing the code and dependencies yourself before using them in production environments.
• Keeping your software and dependencies up to date.
• Running the software in isolated environments or using containers to mitigate risks.
• Following general best practices for securing software applications and environments.

We appreciate your understanding of the experimental nature of these projects and your willingness to contribute to improving their security. Thank you for your interest and support!

For any questions or further assistance, please feel free to contact us on the Centreon Labs group of the Centreon community platform The Watch.

This SECURITY.md file is last updated on 24/05/2024. Please refer to this document regularly for any updates.