The following versions of Stationbord are currently supported with security updates:
| Version | Supported |
|---|---|
| 0.x.x | ✅ |
If you discover a security vulnerability, please report it responsibly.
Do not open a public GitHub issue for security-related problems.
Instead:
- Open a private security advisory on GitHub (preferred), or
- Contact the maintainer directly.
When reporting, please include:
- A clear description of the issue
- Steps to reproduce (if applicable)
- Potential impact
- Any relevant logs, screenshots, or PoC code
You can expect:
- An acknowledgement within a few days
- A best-effort fix for supported versions
- Responsible disclosure once the issue is resolved
This policy covers:
- The Stationbord application code
- API usage and request handling
- Docker images (if used)
- Configuration and environment variable handling
It does not cover:
- Issues in third-party services (such as the iRail API itself)
- Problems caused by misconfigured self-hosted environments
Responsible disclosure helps keep the project safe for everyone.
Your effort is appreciated.