We take security seriously. The following versions of fPaint are currently being supported with security updates:
| Version | Supported |
|---|---|
| 1.1.x | ✅ |
| 1.0.x | ✅ |
| < 1.0 | ❌ |
If you discover a security vulnerability in fPaint, please help us by reporting it responsibly.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report security vulnerabilities by emailing the maintainers at security@fpaint.dev.
You should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message.
Please include the following information in your report:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes or mitigations
When using fPaint, please follow these security best practices:
- Keep your Flutter SDK and dependencies up to date
- Only open files from trusted sources
- Be cautious when sharing artwork files
- Use strong passwords for any accounts associated with the application
We kindly ask that you:
- Give us reasonable time to fix the issue before making it public
- Avoid accessing or modifying user data
- Avoid disrupting our services
- Do not perform DoS attacks or spam our systems
We will acknowledge your contribution to keeping fPaint and its users safe, and we may include your name in our Hall of Fame (with your permission) once the issue is resolved.
Thank you for helping keep fPaint secure!