π¦ Project: checkcle
checkcle is a lightweight, TypeScript-based built for uptime and server monitoring tools.
We care about the security and privacy of users running this project in production environments.
If you believe you have found a security vulnerability in this project:
- DO NOT open a public issue to report it.
- Please report it responsibly via one of the following methods:
π Preferred: Report a Vulnerability via GitHub
- Use the GitHub security advisory form (private and secure).
- Attach as much detail as possible:
- Description of the issue
- Affected version or commit hash
- Reproduction steps
- Impact and any potential mitigations
- Logs or screenshots (if available)
- Email:
security@checkcle.io - Optionally include a PGP public key for encrypted messages
We aim to respond within 3β5 business days.
We support the latest stable release of checkcle. Security patches may also be applied to recent versions at our discretion.
| Version | Supported |
|---|---|
main (latest) |
β Yes |
| Older versions | |
| Pre-release or forks | β No |
This project adheres to the following practices to enhance security:
- π Regular vulnerability checks using
npm audit - βοΈ Dependency pinning via
package-lock.json - β
Type-safe code using
TypeScript - π§ͺ Continuous testing and CI
- π No data is stored or transmitted unless explicitly configured by the user
- π§βπ» All contributions are reviewed before being merged
checkclemakes outbound HTTPS requests to check certificate details β avoid running in untrusted or high-risk environments without proper network policies.- Output may contain certificate metadata (e.g., CN, SANs, expiry dates) β avoid exposing this to public logs unless sanitized.
- The data may be lost upon system restarts or crashes. Always ensure that backup and recovery mechanisms are in place in production environments.
This project is released under the MIT License. Use at your own risk. The Creator and contributors are not liable for misuse, data loss, or operational impact resulting from use of the software.
We appreciate responsible disclosures from the community. Your efforts help us make the open-source ecosystem safer for everyone.
Thanks & Regards,
β Tola Leng