We provide security updates and patches only for actively maintained versions of IJAI.
| Version | Supported |
|---|---|
| main / latest | ✅ |
| older releases | ❌ (please upgrade to the latest version) |
If you discover a security vulnerability, please do not open a public issue.
Instead, send a responsible disclosure to:
yan.bragin10@gmail.com
Please include the following details:
- A description of the vulnerability
- Steps to reproduce
- The potential impact
- Any possible mitigation or fix (optional)
We will:
- Acknowledge your report within 48 hours
- Provide status updates within 7 days
- Credit you publicly (if desired) once the issue is resolved
- Transparency — we openly communicate about fixed vulnerabilities.
- Confidentiality — all reports are kept private until resolved.
- Integrity — we verify all patches and dependency updates.
- Responsibility — we prioritize user and contributor safety.
To keep your IJAI installation secure:
- Always run the latest stable version.
- Avoid exposing internal endpoints publicly.
- Use strong authentication and isolated environments.
- Never commit API keys, tokens, or model secrets.
- Validate third-party extensions before using them.
Security is a shared responsibility.
Thank you for helping us keep IJAI safe for everyone in the AI community.
"Strong intelligence deserves strong protection."