We actively maintain and provide security updates for the following versions:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.0 | ❌ |
We take the security of PHP Progressive JSON Stream seriously. If you discover a security vulnerability, please report it responsibly.
Please do NOT report security vulnerabilities through public GitHub issues.
Instead, please report security vulnerabilities by email to:
Include the following information:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Any suggested fixes (if available)
- Acknowledgment: We will acknowledge receipt of your report within 48 hours
- Investigation: We will investigate and assess the vulnerability
- Communication: We will keep you informed of our progress
- Resolution: We will work to resolve the issue promptly
- Disclosure: We will coordinate public disclosure after the fix is available
When using PHP Progressive JSON Stream in production:
- Keep Updated: Always use the latest version
- Validate Input: Always validate data before streaming
- Sanitize Output: Be cautious with user-generated content
- Monitor Dependencies: Keep all dependencies updated
- Follow PHP Security: Follow general PHP security best practices
This security policy covers:
- The core PHP Progressive JSON Stream library
- Security issues in the streaming functionality
- Vulnerabilities in placeholder resolution
- Issues with data validation and sanitization
We appreciate responsible disclosure and will acknowledge security researchers who help improve the security of PHP Progressive JSON Stream.
For security-related questions or concerns:
- Email: el3zahaby@gmail.com
- Subject: "Security - PHP Progressive JSON Stream"
Thank you for helping keep PHP Progressive JSON Stream secure!