| Version | Supported |
|---|---|
main |
✅ |
| Latest published release | ✅ |
We take the security of HOL software seriously. If you discover a security issue in this repository:
- Do not disclose the issue publicly before the maintainers have had time to assess it.
- Send a report to support@hashgraphonline.com.
- Include the following details when possible:
- a description of the issue
- impact and affected surfaces
- reproduction steps
- logs, screenshots, or proof of concept details
- suggested mitigations if you have them
We aim to acknowledge security reports within 48 hours and provide an initial assessment within 72 hours.
When working with this plugin:
- Use the latest released version of the package.
- Keep broker credentials and API keys out of source control.
- Avoid documenting private broker deployment details in public files.
- Validate external broker inputs and responses before acting on them.
- Re-run the broker-backed smoke test after changes that affect delegation, chat, or history flows.
For security-related inquiries, contact support@hashgraphonline.com.