| Version | Supported |
|---|---|
| 0.1.x | ✅ |
We take security seriously. If you discover a security vulnerability in Relay, please report it responsibly.
Please do NOT open a public GitHub issue for security vulnerabilities.
Instead, please email us at: relay_app@outlook.com
Alternatively, you can use GitHub Security Advisories to report vulnerabilities privately.
Include the following in your report:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
- Acknowledgment: We will acknowledge your report within 48 hours
- Updates: We will keep you informed of our progress
- Resolution: We aim to resolve critical issues within 7 days
- Credit: We will credit you in the release notes (unless you prefer anonymity)
This security policy applies to:
- The Relay desktop application
- All code in this repository
- Third-party dependencies (please report to their maintainers)
- Issues in user-provided API keys
- Keep your API keys secure - Never share your
.envfile - Review actions before approving - Relay always asks for permission before system changes
- Keep Relay updated - Install updates to get the latest security fixes
Thank you for helping keep Relay secure! 🔒