MatrixHub provides security fixes for maintained release branches. Versions that are end-of-life (EOL) do not receive security updates.
| Version | Supported |
|---|---|
| Latest release | Yes |
| Previous minor release | Best effort |
| Older releases | No |
Check GitHub releases for the current supported version.
In scope (please report):
- The MatrixHub source code in this repository
- Official container images (
ghcr.io/matrixhub-ai/matrixhub) and the Helm chart - Authentication, authorization, multi-tenancy, and data-isolation issues
Out of scope (please do not file as vulnerabilities):
- The public demo at demo.matrixhub.ai and its
documented default credentials (
admin/changeme) — these are intentional for evaluation only. - Vulnerabilities in third-party dependencies that are already publicly known and do not have a MatrixHub-specific impact (these are tracked via Dependabot).
- Issues that require physical access, a compromised host, or misconfiguration contrary to the hardening guidance below.
If you are unsure whether something is in scope, report it — we would rather triage a borderline report than miss a real issue.
Security reports and triage are handled by the active maintainers listed in MAINTAINERS.md.
For vulnerability reports, use the private reporting channel described below (not public issues or maintainer DMs).
Please do not report security vulnerabilities through public GitHub issues.
- Go to Security advisories for this repository.
- Choose Report a vulnerability and submit details.
Maintainers will acknowledge receipt and work with you on coordinated disclosure.
We currently accept vulnerability reports only via GitHub Security Advisories. A dedicated security email alias may be added later.
When submitting an advisory, include:
- Description of the issue and impact
- Steps to reproduce
- Affected versions or commits
- Any proof-of-concept or logs (avoid sharing secrets)
There is no bug bounty program at this time.
| Stage | Target |
|---|---|
| Initial acknowledgment | Within 3 business days |
| Triage and severity assessment | Within 7 business days |
| Fix or mitigation plan | Depends on severity; critical issues prioritized |
These are goals, not guarantees. Complex issues may take longer.
- Reporter submits a private GitHub Security Advisory.
- Maintainers confirm the issue, assign severity, and develop a fix (often on a private branch).
- A patched release is published; credit is given to the reporter if desired.
- A public advisory is published via GitHub Security Advisories (GHSA), and a CVE ID is requested where applicable. Release notes reference the fix.
We follow coordinated disclosure. We aim to disclose publicly once a fix is available, and ask reporters to observe an embargo of up to 90 days from the initial report before public disclosure, to give users time to upgrade. We are happy to coordinate timing with the reporter and other affected projects.
MatrixHub runs the following checks in CI:
| Check | Scope | Workflow | Output |
|---|---|---|---|
| govulncheck | Go dependencies & stdlib | govulncheck.yml |
PR check (blocks on known vulns) |
| CodeQL | Go + JS/TS static analysis | codeql.yml |
GitHub Security tab (SARIF) |
| Trivy | Container image CVEs | call-release-image.yaml |
GitHub Security tab (SARIF) |
| Dependabot | Go, npm, Actions, Docker | dependabot.yml |
Automated PRs + security alerts |
| Cosign + SBOM | Release images | call-release-image.yaml |
Signed images with SPDX SBOM |
All scanning workflows start non-blocking (report-only). After initial triage they are promoted to required checks on main.
MatrixHub is often deployed on private networks. Operators should:
- Restrict network access to the API and admin UI
- Use strong authentication, TLS, and secrets management
- Keep dependencies and container images updated
- Follow your organization’s model-artifact and supply-chain policies
MatrixHub publishes signed artifacts to help you verify provenance:
- Signed container images. Release images are signed keylessly with Cosign using GitHub Actions OIDC (Fulcio/Rekor), so no long-lived signing keys are involved.
- Software Bill of Materials (SBOM). An SPDX SBOM is generated for each release image and attached alongside it.
Verify an image and download its SBOM:
# Verify the signature (keyless, GitHub Actions OIDC)
cosign verify \
--certificate-identity-regexp 'https://github.com/matrixhub-ai/matrixhub/.*' \
--certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
ghcr.io/matrixhub-ai/matrixhub:<tag>
# Download the attached SBOM
cosign download sbom ghcr.io/matrixhub-ai/matrixhub:<tag>Open a pull request against this file or discuss with maintainers in the
#matrixhub channel on the
CNCF Slack.