Security

SECURITY.md

Security Policy

Supported Versions

Version	Supported
Current production (eidwtimes.xyz)	✅

Reporting a Vulnerability

Report security issues responsibly.

How to Report

Email: odin@odinglynn.com

Include:

Description of the vulnerability
Steps to reproduce
Potential impact
Any suggested fixes (optional)

What to Expect

Acknowledgment: Within 48 hours
Initial Assessment: Within 1-2 days
Resolution Timeline: Depends on severity, typically 1-4 days

Scope

This policy covers:

The EIDW Times web application (eidwtimes.xyz)
The backend API (datagram.eidwtimes.xyz)
The data polling infrastructure
Authentication and bot protection (Bounce Token, Datagram, reCAPTCHA)

Out of scope:

Dublin Airport's own APIs or infrastructure
Third-party services (Vercel, GCP, Fingerprint Pro, PostHog)
Anything not in this repo

There aren't any published security advisories