Only the current major rewrite version (2.0) and a limited number of feature releases will be supported.
Version | Supported |
---|---|
2.0.x | ✅ |
< 2.0 | ❌ |
If the risk us backup integrity compromise, such as:
- Unauthorized read from a tapestry backup, or;
- Unauthorized signing/modification of a tapestry backup
Please contact securty@kenshosec.com rather than opening a ticket, due to the potentially sensitive nature of such information.
For all other security issues (privesc, etc), a typical issue ticket would suffice.
Tapestry is not covered by a formal bug bounty program, but we encourage research into its security implications and will not prosecute in the event vulnerabilities are found.