Security: Gaute945/Overmounting

docs/SECURITY.md

Security Policy

Safe Build Criteria

At Overmounting, we prioritize the security of our codebase. Here's our policy for considering a build as "safe":

  1. Code Review:
    • Every code change undergoes a thorough review by our development team.

  2. Automated Testing:
    • All builds must pass automated security tests, including static analysis and vulnerability scanning.

  3. Dependency Scanning:
    • We regularly scan dependencies for known vulnerabilities, and a build is considered safe only if all dependencies are up-to-date and free from critical vulnerabilities.

  4. Security Review:
    • A dedicated security review is conducted for significant changes or features.

  5. Secure Configuration:
    • Our deployment configurations follow security best practices.

  6. Incident Response:
    • We have a well-defined incident response plan in case security issues are identified post-release.

Reporting Security Issues

If you discover any security concerns or vulnerabilities in our codebase, please follow our Reporting a Vulnerability guidelines.

Thank you for your commitment to the security of Overmounting.

Undermounting mrboobai@proton.me

There aren’t any published security advisories