The following versions of this package are currently supported with security updates:
| Version | Supported |
|---|---|
| v1.x | ✅ |
| v0.x | ✅ |
If you discover a security vulnerability within this package, please follow these steps:
- Do not open a public issue on GitHub
- Email your report to: abc.imams@gmail.com
- Include a detailed description of the vulnerability
- Include steps to reproduce the issue
- Include any relevant code samples or proof-of-concept
- Once we receive your security report, we will acknowledge it within 24 hours
- Our security team will review and validate the report
- If confirmed, we will:
- Develop a fix for the vulnerability
- Release a patched version
- Publish a security advisory on GitHub
- We follow responsible disclosure: fixes are released before full details are disclosed
This security policy applies to:
- The
imsus/laravel-imgproxypackage code - The
imgproxy()helper function and its methods - The ImgProxy facade
- Configuration loading and HMAC signature generation
This policy does not apply to:
- The ImgProxy server itself (please report to imgproxy.net)
- User-provided source URLs or watermark URLs
- Your application's implementation of this package