Skip to content

Security: mooxphp/moox

SECURITY.md

Security Policy

Security Measures

We are very concerned about security. Therefore we have taken some precautions:

  • We use Snyk, a platform that regularly checks our security
  • We have enabled all security features on Github
  • We use Dependabot Security to be immediately aware of security issues in our dependencies and prevent security vulnerabilities throughout the dependency chain
  • We use Renovate to automatically check all dependencies and create automatic pull requests for updates
  • We use PHPStan / Larastan, the best static analyzer for PHP and Laravel to catch every bug in our codebase
  • We have branch protection enabled and run all check before merging to main
  • We always stay on the current stable versions and choose our dependencies with great care

Supported Versions

We currently support the current version, means the main-Branch and the current packages on packagist.

Version Supported
dev-main

Reporting a Vulnerability

If you spot a potential vulnerability, please go to https://github.com/mooxphp/moox/security/advisories and click on the Report a vulnerability-Button or send an email to security@moox.org.

Please do not create a GitHub issue for security vulnerabilities. This could allow potential attackers to exploit the vulnerability and cause damage before we've had a chance to patch it.

There aren’t any published security advisories