sirix

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in SirixDB, please report it responsibly.

Do not open a public GitHub issue for security vulnerabilities.

Instead, please report vulnerabilities through one of these channels:

  1. GitHub Security Advisories: Use GitHub’s private vulnerability reporting to submit a report directly.
  2. Discord: Contact a maintainer privately on Discord.

What to Include

Response Timeline

Supported Versions

Version Supported
1.0.0-alpha (latest) Yes
< 1.0.0-alpha No

SirixDB is in its 1.0 alpha series; security fixes land on the latest alpha. Once 1.0.0 is released, this table will track the supported stable line.

Security Considerations

SirixDB’s append-only architecture provides inherent data integrity guarantees:

When deploying SirixDB in production: