| Version | Supported |
|---|---|
| 0.1.x | Yes |
If you discover a security vulnerability, do not open a public issue. Email dev@symfinity.net with:
- Type of vulnerability
- Full paths of source file(s) related to the issue
- The location of the affected code (tag, branch, commit, or URL)
- Step-by-step reproduction instructions
- Proof-of-concept or exploit code (if possible)
- Impact and plausible attack scenario
We aim to acknowledge within 48 hours and provide a detailed response within 7 days.
When using this bundle:
- Keep Symfony and Symfinity dependencies updated
- Install with
--devonly — do not enable UI Profiler in production - Disable the Web Debug Toolbar and profiler in production environments
- Treat profiler output as sensitive (routes, parameters, headers, session data)