# Security Policy

This document outlines our security policy for the codebase, and how to report vulnerabilities.

## Versions

| Version     | Branch                   | Supported          | Website active   |
| ----------- | ------------------------ | ------------------ | ---------------- |
| production  | `production-current`     | :white_check_mark: | freecodecamp.org |
| beta        | `production-staging`     | :white_check_mark: | freecodecamp.dev |
| development | `master`                 |                    |                  |

## Reporting a Vulnerability

If you think you have found a vulnerability, *please report responsibly*. Don't create GitHub issues for security issues. Instead, please send an email to `security@freecodecamp.org` and we'll look into it immediately.

We appreciate any responsible disclosure of vulnerabilities that might impact the integrity of our platforms and users. While we do not offer any bounties or swags at the moment, we'll be happy to list your name in our [Hall of Fame](HoF.md) list.

Ensure that you are using the **latest**, **stable** and **updated** version of the Operating System and Web Browser available to you on your machine.