TrueChartsClone/.github/SECURITY.md

# Security Policy

## Supported Versions of TrueNAS SCALE

Our focus will always be on the latest version of TrueNAS SCALE.
However: We might provide extended support to older versions of TrueNAS SCALE as depicted in our Support Policy


## CVE's and you

When we build our own containers, we aim not to have any non-mitigated high or critical CVE's present. For the containers made by others, we aim to use the most secure container available, but we cannot guarantee they keep to the same high safetly standards as we do.


## Response timeframe

The safety of our users is our prime concerns. We therefore aim to respond to any issues within 24 hours.

Though we hope that such situations will never happen, we will, in the most dire of circumstances, not hesitate with agressive responses to fix issues. This includes completely locking down/removing certain Apps or portions of the project from being installed.


## Compliance

As project owner is located in the Netherlands, we need to comply to all legal requirements and lawfull orders from the Government of the Netherlands.

**As of Today we have not recieved any data requests from the Dutch Government, that we are forbiden to make public. **

We are required to be fully GDPR compliant and fall under the sole authority of the Dutch Privacy Authority when it comes to GDPR compliance.


## Reporting a Vulnerability

If you find any security issue, please email the project directly:
info@truecharts.org
Add basic github stuff 2020-12-31 11:47:56 +00:00			`# Security Policy`

Post Code-Freeze Review, Bugsfixes and Documentation - Fix traefik Portal Button - Touchup Security Policies - Update Support Policies - Re-Add Deluge as incubator App - Add Canary to Security Policies - Add all-contributors basic config 2021-03-31 20:50:04 +00:00			`## Supported Versions of TrueNAS SCALE`
Add basic github stuff 2020-12-31 11:47:56 +00:00
Post Code-Freeze Review, Bugsfixes and Documentation - Fix traefik Portal Button - Touchup Security Policies - Update Support Policies - Re-Add Deluge as incubator App - Add Canary to Security Policies - Add all-contributors basic config 2021-03-31 20:50:04 +00:00			`Our focus will always be on the latest version of TrueNAS SCALE.`
			`However: We might provide extended support to older versions of TrueNAS SCALE as depicted in our Support Policy`


			`## CVE's and you`

chore(Everything): Adapt for TrueNAS SCALE RC1 2021-10-25 11:02:15 +00:00			`When we build our own containers, we aim not to have any non-mitigated high or critical CVE's present. For the containers made by others, we aim to use the most secure container available, but we cannot guarantee they keep to the same high safetly standards as we do.`
Post Code-Freeze Review, Bugsfixes and Documentation - Fix traefik Portal Button - Touchup Security Policies - Update Support Policies - Re-Add Deluge as incubator App - Add Canary to Security Policies - Add all-contributors basic config 2021-03-31 20:50:04 +00:00

			`## Response timeframe`

			`The safety of our users is our prime concerns. We therefore aim to respond to any issues within 24 hours.`

			`Though we hope that such situations will never happen, we will, in the most dire of circumstances, not hesitate with agressive responses to fix issues. This includes completely locking down/removing certain Apps or portions of the project from being installed.`
Add basic github stuff 2020-12-31 11:47:56 +00:00

Post Code-Freeze Review, Bugsfixes and Documentation - Fix traefik Portal Button - Touchup Security Policies - Update Support Policies - Re-Add Deluge as incubator App - Add Canary to Security Policies - Add all-contributors basic config 2021-03-31 20:50:04 +00:00			`## Compliance`

			`As project owner is located in the Netherlands, we need to comply to all legal requirements and lawfull orders from the Government of the Netherlands.`

			`As of Today we have not recieved any data requests from the Dutch Government, that we are forbiden to make public. `

			`We are required to be fully GDPR compliant and fall under the sole authority of the Dutch Privacy Authority when it comes to GDPR compliance.`



			`## Reporting a Vulnerability`
Add basic github stuff 2020-12-31 11:47:56 +00:00
Post Code-Freeze Review, Bugsfixes and Documentation - Fix traefik Portal Button - Touchup Security Policies - Update Support Policies - Re-Add Deluge as incubator App - Add Canary to Security Policies - Add all-contributors basic config 2021-03-31 20:50:04 +00:00			`If you find any security issue, please email the project directly:`
			`info@truecharts.org`