The following table shows which versions of the integration are currently supported with security updates:
| Version | Supported |
|---|---|
| Latest (main branch) | ✅ |
| Previous releases | ❌ |
Security fixes are applied only to the latest version available on the main branch.
Users are encouraged to always update to the most recent release via HACS or by pulling the latest commit from this repository.
If you discover a security vulnerability in this integration, please do not open a public GitHub issue.
Instead, report it privately using the GitHub Security Advisory feature:
Go to “Security → Advisories → Report a vulnerability” in this repository.
Please include the following details in your report (if applicable):
- Description of the vulnerability
- Steps to reproduce
- Expected vs. actual behavior
- Any relevant logs, screenshots, or proof-of-concept code
Reports will be acknowledged within 72 hours, and a remediation or mitigation plan will be provided within 7 business days, depending on severity.
This security policy applies only to:
- The HomeAssistant-OctopusEnergyIT custom integration code in this repository
- Configuration or data handled directly by the integration itself
Issues related to:
- Octopus Energy Italy APIs
- Home Assistant Core
- Third-party dependencies
should be reported to their respective maintainers or vendors.
Please follow a responsible disclosure process.
Do not publicly share or exploit vulnerabilities before they have been confirmed and fixed.
All contributors are expected to comply with GitHub’s Security Policy.
Thank you for helping make Home Assistant integrations more secure! 🙏