Skip to content

Security: GoogleCloudPlatform/opentelemetry-operations-js

SECURITY.md

Security Policy

Supported Versions

We support only the last minor version of each supported major release: bug fixes are released either as part of the next minor version or as an on-demand patch version. Independent of which version is next, all patch versions are cumulative, meaning that they represent the state of our main branch at the moment of the release. For instance, if the latest version is 0.10.0, bug fixes are released either as part of 0.11.0 or 0.10.1.

Major releases are supported for 12 months after a new major version is released: https://opensource.google/documentation/policies/library-breaking-change.

Security fixes are given priority and might be enough to cause a new version to be released.

Reporting a Vulnerability

In order for the vulnerability reports to reach maintainers as soon as possible, please use the Report a vulnerability button on the Security tab in the respective GitHub repository. It creates a private communication channel between the reporter and the maintainers.

There aren’t any published security advisories