We are very concerned about security. Therefore we have taken some precautions:
- We use Snyk, a platform that regularly checks our security
- We have enabled all security features on Github
- We use Dependabot Security to be immediately aware of security issues in our dependencies and prevent security vulnerabilities throughout the dependency chain
- We use Renovate to automatically check all dependencies and create automatic pull requests for updates
- We use PHPStan / Larastan, the best static analyzer for PHP and Laravel to catch every bug in our codebase
- We have branch protection enabled and run all check before merging to
main
- We always stay on the current stable versions and choose our dependencies with great care
We currently support the current version, means the main
-Branch and the current packages on packagist.
Version | Supported |
---|---|
dev-main | ✅ |
If you spot a potential vulnerability, please go to https://github.com/mooxphp/moox/security/advisories and click on the Report a vulnerability
-Button or send an email to security@moox.org.
Please do not create a GitHub issue for security vulnerabilities. This could allow potential attackers to exploit the vulnerability and cause damage before we've had a chance to patch it.