d30bc212f7
* fix: update udev rules for input device permissions * refactor: remove HotkeyManager * feat: implement Linux Desktop Environment Shortcut Manager * refactor: remove HotkeyManager * fix: enhance input permissions setup with uaccess support * refactor: improve uinput permissions setup * refactor: update documentation for global shortcut permissions and usage * refactor: update udev rules and dependencies * refactor: remove outdated comment in useDarkMode hook * style: clean up script formatting and improve readability * chore: update UUID handling to use deterministic v5 * chore: simplify pipeline combining Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * chore: clarify comment Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2.4 KiB
Security Policy
Supported Versions
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.0 | ❌ |
Reporting a Vulnerability
We take security seriously. If you discover a security vulnerability, please follow these steps:
🔒 Private Disclosure
Do NOT open a public issue for security vulnerabilities.
Instead, please report security issues via one of these methods:
-
GitHub Security Advisory: Use GitHub's private vulnerability reporting
-
Email: gustaavoribeeiro@hotmail.com
📝 What to Include
When reporting a vulnerability, please include:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Suggested fix (if you have one)
- Your contact information for follow-up questions
⏱️ Response Timeline
- Initial Response: Within 48 hours
- Status Update: Within 1 week
- Fix Timeline: Depends on severity
- Critical: 24-72 hours
- High: 1 week
- Medium: 2 weeks
- Low: Next release
🎁 Recognition
We appreciate security researchers who help keep our project safe. With your permission, we will:
- Acknowledge your contribution in release notes
- Add you to our security hall of fame (if created in the future)
Security Best Practices
When using Windows 11 Clipboard History For Linux:
- Keep Updated: Always use the latest version
- Build from Source: When possible, verify the source code
- Check Signatures: Verify release artifacts when available
- Report Issues: Help us by reporting any suspicious behavior
Known Security Considerations
Clipboard Data
- Clipboard history is stored locally only
- No data is transmitted over the network
- History is stored in memory (not persisted to disk by default)
- Sensitive data copied to clipboard will be stored in history
Permissions
- Global hotkey capture: Required for global shortcuts (Super+V, Ctrl+Alt+V)
- System tray: For background operation
- Clipboard access: Core functionality
Wayland Security
On Wayland, clipboard access follows the compositor's security model, which may restrict access to clipboard contents from background applications in some configurations.
Thank you for helping keep Windows 11 Clipboard History For Linux secure! 🔐