UniqAI
/
open-webui
mirror of https://github.com/open-webui/open-webui
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create SECURITY.md 

Hello Team,

As the continued popularity of this project increases we should be taking our projects goals in mind with concerns to privacy and security. In the near future I would like to at least start testing the codebase with SAST(semgrep) and Synk.io (Software Composition Analysys) To highlight any potential weaknesses in the security of the product. 

I am happy to start contributing from the security side.
This commit is contained in:
Doug Winzell 2024-01-24 07:08:49 -08:00 committed by GitHub
parent b6d9cf3bc8
commit 55820b7991
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
SECURITY.md Normal file
View File

@ -0,0 +1,20 @@
# Security Policy
Our primary goal is to ensure the protection and confidentiality of sensitive data stored by users on ollama-webui.
## Supported Versions
| Version | Supported |
| ------- | ------------------ |
| main | :white_check_mark: |
| others | :x: |
## Reporting a Vulnerability
If you discover a security issue within our system, please notify us immediately via a pull request or contact us on discord.
## Product Security
We regularly audit our internal processes and system's architecture for vulnerabilities using a combination of automated and manual testing techniques.
We are planning on implementing SAST and SCA scans in our project soon.