GitHub-JetBrains
/
compose-jb
mirror of https://github.com/JetBrains/compose-jb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Compose Multiplatform, a modern UI framework for Kotlin that makes building performant and beautiful user interfaces easy and enjoyable.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2622 Commits
308 Branches
718 Tags
349 MiB
 
 
 
 
Tree: 8c50bcbf16
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8c50bcbf16'
${ noResults }
compose-jb/SECURITY.md

1.6 KiB
Raw Blame History

Security

We do our best to make sure our products are free of security vulnerabilities. To reduce the risk of introducing a vulnerability, you can follow these best practices:

  • Always use the latest release. For security purposes, we sign our releases published on Maven Central with these PGP keys:

    • Key ID: compose@jetbrains.com
    • Fingerprint: 2072 3A63 99BC 0601 5428 3B37 CFAE 163B 64AC 9189
    • Key type: ed25519

  • Follow the Gradle Dependency Verification Guide to set up continuous verification or learn how to manually verify a dependency.

  • Use the latest versions of your application's dependencies. If you need to use a specific version of a dependency, periodically check if any new security vulnerabilities have been discovered. You can follow the guidelines from GitHub or browse known vulnerabilities in the CVE base.

We are very eager and grateful to hear about any security issues you find. To report vulnerabilities that you discover in Compose Multiplatform, please post a message directly to our issue tracker or send us an email.

For more information on how our responsible disclosure process works, please check the JetBrains Coordinated Disclosure Policy.