We support the following versions of JIRA CLI with security updates:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
If you discover a security vulnerability in JIRA CLI, please report it by:
- DO NOT create a public GitHub issue for security vulnerabilities
- Email the maintainers directly at: [pchuri@example.com]
- Include the following information:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Suggested fix (if any)
- Response Time: We will acknowledge your report within 48 hours
- Investigation: We will investigate and respond with our findings within 7 days
- Fix Timeline: Critical vulnerabilities will be patched within 30 days
- Credit: We will credit you in the security advisory (if desired)
When using JIRA CLI:
- Store API tokens securely using environment variables
- Never commit credentials to version control
- Use the latest version of JIRA CLI
- Regularly update dependencies
- Use secure HTTPS connections to JIRA servers
- We will coordinate with you on the disclosure timeline
- We will create a security advisory on GitHub when the fix is released
- Public disclosure will happen after users have had time to update
Thank you for helping keep JIRA CLI secure!